# Variables, Loops, and Port Scanner In the previous post, we went over how to create a Bash script and run it on our terminal. In this one, we will be taking a look into creating variables, loops, passing system arguments, and finally - building a portscanner. #### Variables Variables are names that hold a value. If we have a fruit, the fruit will have seeds in it, in programming we might say fruit="Seeds", it's a great way to store things which we want to reference it later in the program. ```bash #!/bin/bash hello="Hello World" echo $hello ``` We first assigned a string `"Hello World"` to our variable called hello, then we used the `$` operator to reference the variable `hello`, and used the `echo` command to print the string out to the user. We can use a number of data types to store into our variables, namely: ```bash string: Alphanumerical Character "Apple" float: Decimal Value 3.14 integer: Numerical Value 5 ``` #### Loops Loops are methods in which we can iterate over a given code a specific number of times or, an infinite number of times (infinite loop). Generally, we want to avoid infinite loops as it can crash your program or computer. There are a couple of loops that we can choose from; While loops, Until loops, and For Loops. **For Loop** The for loop is usually used to iterate through a range of items or a sequence of integers. Let's take a look at a simple example using the same code as before: ```bash #!/bin/bash hello="Hello World" for i in range {1..5} do echo $hello done ``` We first gave an instruction to our loop to iterate on a range from 1-5: `for i in range {1..5}`, then we said `do` to tell the program what to run, which in this case was our echo statement, then we closed the loop using `done` The output looks like this: ```bash Hello World Hello World Hello World Hello World Hello World ``` **While Loops** While loops are used when the limit is unknown, like `loop $function until $function > 10`, we don't know when it will be more than 10, but when it reaches that the program stops. (When it reaches the specified limit, it changes True to False) ```bash #!/bin/bash count=0 while [ $count -le 5 ] do echo "Count = " $count ((count++)) done ``` We first assigned an integer variable called `count` with the value `0` so we can iterate up to a number limit. Then, in our `while` loop, we specified that count should be Less Than (`-le`) 5. The command in the loop will print out the current number that count is assigned to then increment count by 1. The output looks like this: ```bash Count = 0 Count = 1 Count = 2 Count = 3 Count = 4 Count = 5 ``` **Until Loops** Until loops are similar to While loops, but instead of the statement being True, it's first False then changed to True once the condition is met. ```bash count=0 until [ $count -gt 5 ] do echo "Count = " $count ((count++)) done ``` Our condition is that `until` our `count` variable is Greater Than (`-gt`) 5, repeat the command. The output for this is the same as While. A more in-depth look into loops can be found in [this link](https://linuxhint.com/full-guide-to-bash-loops/) #### Port Scanner A port scanner is a program which identifies what network ports a given address has. For example, if we have a network `127.0.0.1` with an `http` server, we might identify port 80. This is useful if we want to attack networks as it gives us a path of what we want to enumerate or use as our attack vector. ```bash #!/bin/bash # Variables ip=$1 # Scanner for port in range {1..65535} do 2>/dev/null echo > /dev/tcp/$ip/$port if [ $? == 0 ]; then { echo "[+] Port: $port is open" } fi done ``` The variable `ip` takes in the first command line argument from the user `./portscanner.sh `, which is then run through `/dev/tcp` with the port from range 1..65535 (the max number of ports on a network). If the port is open, then the port will be printed to the user. If not, then it will be sent to `/dev/null` to hide the output. ```bash $> ./portscanner.sh 127.0.0.1 [+] Port: 8080 is open ``` #### Conclusion We now have a basic understanding of how Bash scripts are written and how we can interact with linux applications using it. Your task is to experiment with different things that you might need in a CTF, daily automation, etc. Good luck! --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://blog.securescape.cc/fundamentals/programming-wip/bash/variables-loops-and-port-scanner.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.