In Unix-like too another operating systems, detect is a command-line utility (Find Command Examples here) tin hold upwards used to search through ane or to a greater extent than directory trees of a file system, locates files based on around user-specified criteria too applies a user-specified activity on each matched file. The possible search criteria include a designing to gibe against the file advert or a fourth dimension hit to gibe against the modification fourth dimension or access fourth dimension of the file. By default, detect returns a listing of all files below the electrical flow working directory.
The related locate programs role a database of indexed files obtained through detect (updated at regular intervals, typically yesteryear cron job) to supply a faster method of searching the entire filesystem for files yesteryear name.
I bring collected these examples too I establish that I oft come upwards dorsum to search a item Find ascendancy to search for a specific file, hence decided to set them on a post. Tech Mint seems to bring the best guide too my post is based on their master copy post.
Find Command for Finding Files amongst Names
1. Find too listing all files inwards electrical flow too sub directories
Find too listing all files on your electrical flow directory.
root@kali: # detect | head
.
./dir777
./.lock
./.ICEauthority
./FindCommandExamples.txt
./.mozilla
./.mozilla/extensions
./.mozilla/firefox
./.mozilla/firefox/9n757kmh.default-1407199852988
./.mozilla/firefox/9n757kmh.default-1407199852988/urlclassifierkey3.txt
root@kali: #
You tin also role it to detect a specific file, for instance detect all the files whose advert is FindCommandExamples.txt inwards a electrical flow working directory.
root@kali: # detect /root -name FindCommandExamples.txt
/root/FindCommandExamples.txt
root@kali: #
2. Search too listing specific directory or path
Find all the files nether /tmp directory. It lists out all files yesteryear default.
root@kali: # detect /tmp | head
/tmp
/tmp/.ICE-unix
/tmp/.ICE-unix/2899
/tmp/btdADJLclI
/tmp/.X0-lock
/tmp/pulse-Izwfn0i4P8La
/tmp/pulse-Izwfn0i4P8La/dbus-socket
/tmp/pulse-Izwfn0i4P8La/native
/tmp/pulse-Izwfn0i4P8La/pid
/tmp/mutt-kali-0-23824-9061537041904758789
root@kali: #
3. Find Files Using Name too Ignoring Case
Find all the files whose advert is FindCommandExamples.txt too contains both working capital missive of the alphabet too pocket-size letters inwards / directory.
root@kali: # find / -iname findcommandexamples.txt
/root/FindCommandExamples.txt
root@kali: #
4. Find Directories Using Name
Find all directories whose advert is root inwards / directory.
root@kali: # detect / -type d -name root
/opt/metasploit/apps/pro/ui/vendor/bundle/ruby/1.9.1/gems/fssm-0.2.10/spec/root
/root
/usr/share/nvidia-visual-profiler/plugins/org.eclipse.ui.intro.universal_3.2.500.v20110510/themes/purpleMesh/graphics/root
/usr/src/linux-headers-3.14-kali1-amd64/include/config/usb/ehci/root
/run/udev/links/root
root@kali: #
5. Use detect to confine depth of directory search
Find ascendancy searches all files too folders all the mode upto the terminal depth. This mayhap fourth dimension consuming too resources hungry when you’re searching a big directory or if y'all bring equally good many pocket-size files broken into multiple directory. It is possible to to confine detect ascendancy to search solely upto 1 levels downwardly (or 2 or three or anything you’d wishing for) of subdirectories. This tin hold upwards done using the maxdepth option.
root@kali: # detect /etc -maxdepth 1 -name "*.conf" | tail
/etc/miredo.conf
/etc/uniconf.conf
/etc/pam.conf
/etc/mke2fs.conf
/etc/arpwatch.conf
/etc/chkrootkit.conf
/etc/ca-certificates.conf
/etc/insserv.conf
/etc/colord.conf
/etc/gai.conf
root@kali: #
Now the inwards a higher house instance present all .conf files inwards /etc folder.
If y'all desire to become downwardly 1 depth below role 2 instead of 1.
root@kali: # detect /etc -maxdepth 2 -name "*.conf" | tail
/etc/arpwatch.conf
/etc/chkrootkit.conf
/etc/ca-certificates.conf
/etc/insserv.conf
/etc/colord.conf
/etc/gai.conf
/etc/cisco-torch/torch.conf
/etc/nvidia/nvidia-blacklists-nouveau.conf
/etc/nvidia/nvidia-modprobe.conf
/etc/gdm3/daemon.conf
root@kali: #
The minute instance uses maxdepth of 2, which way it volition non become lower than 2 degree deep, either solely inwards the electrical flow directory.
You tin also use mindepth which plant the other mode around.
6. Find all PHP Files inwards Directory
Find all php files inwards a directory.
root@kali: # detect . -type f -name "*.php"
./blackmoreops.php
root@kali: #
Find Files Based on their Permissions
7. Find Files With 777 Permissions
Find all the files whose permissions are 777.
root@kali: # detect . -type f -perm 0777 -print
./0777.txt
root@kali: #
8. Find Files Without 777 Permissions
Find all the files without permission 777.
root@kali: # detect . -type f ! -perm 777 | head
./.lock
./.ICEauthority
./FindCommandExamples.txt
./.mozilla/firefox/9n757kmh.default-1407199852988/urlclassifierkey3.txt
./.mozilla/firefox/9n757kmh.default-1407199852988/cookies.sqlite
./.mozilla/firefox/9n757kmh.default-1407199852988/localstore.rdf.original
./.mozilla/firefox/9n757kmh.default-1407199852988/permissions.sqlite
./.mozilla/firefox/9n757kmh.default-1407199852988/extensions.ini
./.mozilla/firefox/9n757kmh.default-1407199852988/extensions.sqlite
./.mozilla/firefox/9n757kmh.default-1407199852988/bookmarkbackups/bookmarks-2014-08-07.json
root@kali: #
9. Find SGID Files amongst 644 Permissions
Find all the SGID chip files whose permissions educate to 644.
root@kali: # detect . -perm 0644 | head
./.lock
./FindCommandExamples.txt
./.mozilla/firefox/9n757kmh.default-1407199852988/urlclassifierkey3.txt
./.mozilla/firefox/9n757kmh.default-1407199852988/cookies.sqlite
./.mozilla/firefox/9n757kmh.default-1407199852988/localstore.rdf.original
./.mozilla/firefox/9n757kmh.default-1407199852988/permissions.sqlite
./.mozilla/firefox/9n757kmh.default-1407199852988/extensions.ini
./.mozilla/firefox/9n757kmh.default-1407199852988/extensions.sqlite
./.mozilla/firefox/9n757kmh.default-1407199852988/places.sqlite-wal
./.mozilla/firefox/9n757kmh.default-1407199852988/indexedDB/chrome/idb/2588645841ssegtnti.sqlite
root@kali: #
10. Find Sticky Bit Files amongst 551 Permissions
Find all the Sticky Bit educate files whose permission are 551.
root@kali: # detect / -perm 0551
11. Find SUID Files
Find all SUID educate files.
root@kali:/bin# detect . -perm /u=s | head
./mount
./su
./ping
./umount
./ping6
./fusermount
root@kali:/bin#
12. Find SGID Files
Find all SGID educate files.
root@kali:/var# detect . -perm /g+s | head
./lib/tor
./lib/libuuid
./cache/man
./cache/man/ja
./cache/man/ja/cat5
./cache/man/ja/cat8
./cache/man/ja/cat1
./cache/man/cat5
./cache/man/pa
./cache/man/pa/cat5
root@kali:/var#
13. Find Read Only Files
Find all Read Only files.
root@kali: # detect / -perm /u=r | head
/
/etc
/etc/logcheck
/etc/logcheck/ignore.d.workstation
/etc/logcheck/ignore.d.workstation/mysql-server-5_5
/etc/logcheck/ignore.d.workstation/lirc
/etc/logcheck/ignore.d.server
/etc/logcheck/ignore.d.server/mysql-server-5_5
/etc/logcheck/ignore.d.server/iodined
/etc/logcheck/ignore.d.server/lirc
14. Find Executable Files
Find all Executable files.
root@kali:/bin# detect . -perm /a=x | head
.
./tailf
./ntfswipe
./dir
./dd
./true
./mountpoint
./ypdomainname
./zmore
./stty
root@kali:/bin#
15. Find Files amongst 777 permissions too alter permissions to 644
Find all 777 permission files too role chmod ascendancy to educate permissions to 644.
root@kali: # detect / -type f -perm 0777 -print -exec chmod 644 {} \;
/root/blackmoreops.php
root@kali: #16. Find Directories amongst 777 permissions too permissions to 755
Find all 777 permission directories too role chmod ascendancy to educate permissions to 755.
root@kali: # detect . -type d -perm 777 -print -exec chmod 755 {} \;
./dir777
root@kali: #
17. Find too take away unmarried File
To detect a unmarried file called FindCommandExamples.txt too take away it.
root@kali: # detect . -type f -name "FindCommandExamples.txt" -exec rm -f {} \;18. Find too take away Multiple File
To detect too take away multiple files such equally .mp3 or .txt, too then use.
root@kali: # detect . -type f -name "*.txt" -exec rm -f {} \;
OR
root@kali: # detect . -type f -name "*.mp3" -exec rm -f {} \;19. Find all Empty Files too directories
To file all empty files nether for certain path.
root@kali: # detect /tmp -type f -empty
/tmp/mutt-kali-0-23824-9061537041904758789
/tmp/mutt-kali-0-23410-1906773975188079418
/tmp/qtsingleapp-flareg-bcdb-0-lockfile
root@kali: #
To file all empty directories nether for certain path.
root@kali: # detect /tmp -type d -empty
/tmp/pulse-PKdhtXMmr18n
/tmp/tracker-root
/tmp/orbit-root
/tmp/plugtmp
root@kali: #
20. File all Hidden Files
To detect all hidden files, role below command.
root@kali: # detect /tmp -type f -name ".*"
/tmp/.X0-lock
root@kali: #
Search Files Based On Owners too Groups
21. Find Single File Based on User
To detect all or unmarried file called FindCommandExamples.txt nether / root directory of possessor root.
root@kali: # detect / -user root -name FindCommandExamples.txt
/root/FindCommandExamples.txt
root@kali: #
22. Find all Files Based on User
To detect all files that belongs to user root nether / directory.
root@kali: # detect / -user root | head
/
/etc
/etc/logcheck
/etc/logcheck/ignore.d.workstation
/etc/logcheck/ignore.d.workstation/mysql-server-5_5
/etc/logcheck/ignore.d.workstation/lirc
/etc/logcheck/ignore.d.server
/etc/logcheck/ignore.d.server/mysql-server-5_5
/etc/logcheck/ignore.d.server/iodined
/etc/logcheck/ignore.d.server/lirc
root@kali: #
23. Find all Files Based on Group
To detect all files that belongs to grouping root nether / directory.
root@kali: # detect / -group root | head
/
/etc
/etc/logcheck
/etc/logcheck/ignore.d.workstation
/etc/logcheck/ignore.d.workstation/mysql-server-5_5
/etc/logcheck/ignore.d.workstation/lirc
/etc/logcheck/ignore.d.server
/etc/logcheck/ignore.d.server/mysql-server-5_5
/etc/logcheck/ignore.d.server/iodined
/etc/logcheck/ignore.d.server/lirc
root@kali: #
24. Find Particular Files of User
To detect all .txt files of user root nether / directory.
root@kali: # detect / -user root -iname "*.txt" | head
/etc/X11/rgb.txt
/etc/bluemaho/handbook.txt
/etc/unicornscan/ports.txt
/etc/unicornscan/oui.txt
/etc/siege/urls.txt
/boot/extlinux/boot.txt
/var/lib/inetsim/data/tftp/tftproot/sample.txt
/var/lib/inetsim/data/quotd/quotd.txt
/var/lib/inetsim/data/ftp/ftproot/sample.txt
/var/lib/inetsim/data/http/fakefiles/sample.txt
root@kali: #
Find Files too Directories Based on Date too Time
25. Find Last fifty Days Modified or Accessed Files
To detect all the files which are modified fifty days back.
root@kali: # detect / -mtime fifty
/opt/metasploit/apps/pro/ui/scripts/ctl.rb
/opt/metasploit/apps/pro/ui/scripts/worker_ctl.rb
To detect all the files which are accessed fifty days back.
root@kali: # detect / -atime 50
26. Find Last 50-100 Days Modified Files
To detect all the files which are modified to a greater extent than than fifty days dorsum too less than 100 days.
root@kali: # detect / -mtime +50 -mtime -100 | head
/etc/chatscripts/provider
/etc/profile
/etc/ssh/sshd_config
/etc/host.conf
/etc/console-setup/Uni2-Fixed16.psf.gz
/etc/default/ntfs-3g
/etc/default/saned
/etc/default/atftpd
/etc/default/exim4
/etc/network/if-up.d/wpasupplicant
root@kali: #
27. Find Changed Files inwards Last 1 Hour
To detect all the files which are changed inwards terminal 1 hour.
root@kali: # detect / -cmin -60 | head
/proc/asound
/proc/asound/NVidia
/proc/asound/MID
/proc/asound/card1
/proc/asound/card1/id
/proc/asound/card1/codec#0
/proc/asound/card1/codec#1
/proc/asound/card1/codec#2
/proc/asound/card1/codec#3
/proc/asound/card1/eld#0.0
root@kali: #
28. Find Modified or Accessed Files inwards Last 1 Hour
To detect all the files which are modified inwards terminal 1 hour.
root@kali: # detect / -mmin -60
To detect all the files which are accessed inwards terminal 1 hour.
root@kali: # detect / -amin -60
Find Files too Directories Based on Size
29. Find 15MB Files
To detect all 15MB files, use.
root@kali: # detect / -size 15M
/var/lib/dkms/nvidia-current/331.67/3.14-kali1-amd64/x86_64/module/nvidia-current.ko
/opt/jdk1.7.0_60/lib/tools.jar
/opt/jdk1.7.0_60/jre/lib/amd64/server/libjvm.so
/opt/jdk1.7.0_60/jre/lib/jfxrt.jar
/root/Work/conky-manager/default-themes-extra-1.cmtp.7z
/usr/lib/python2.7/config/libpython2.7-pic.a
/usr/lib/python2.7/config/libpython2.7.a
/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/server/libjvm.so
/usr/bin/multiforcer
/usr/bin/mono-sgen
/usr/share/zaproxy/lib/jfxrt.jar
root@kali: #
30. Find Size betwixt 50MB – 100MB
To detect all the files which are greater than 50MB too less than 100MB.
root@kali: # detect / -size +50M -size -100M
/var/cache/apt/archives/nvidia-visual-profiler_5.0.35-8 bpo70+1_amd64.deb
/var/cache/apt/archives/nvidia-cuda-doc_5.0.35-8 bpo70+1_all.deb
/var/cache/apt/archives/metasploit-framework_4.9.3-2014072301-1kali0_amd64.deb
/opt/jdk1.7.0_60/jre/lib/rt.jar
/opt/Teeth/units/CVE-2013-07-11.csv
/root/Downloads/cudaHashcat-1.21.7z
/usr/lib/chromium/chromium
/usr/lib/x86_64-linux-gnu/libcublas.so.5.0.35
/usr/lib/x86_64-linux-gnu/libwireshark.so.3.1.1
/usr/lib/x86_64-linux-gnu/libnpp.so.5.0.35
/usr/share/w3af/w3af/plugins/crawl/phishtank/index.xml
/usr/share/wordlists/rockyou.txt.gz
/run/shm/pulse-shm-1617702718
/run/shm/pulse-shm-543938446
/run/shm/pulse-shm-2061196650
/run/shm/pulse-shm-519747678
/run/shm/pulse-shm-5957035
/run/shm/pulse-shm-2279876097
root@kali: #
31. Find too Delete 100MB Files
To detect all 100MB files too delete them using ane unmarried command.
root@kali: # detect / -size +100M -exec rm -rf {} \;32. Find Specific Files too Delete
Find all .mp3 files amongst to a greater extent than than 10MB too delete them using ane unmarried command.
root@kali: # detect / -type f -name *.mp3 -size +10M -exec rm {} \;Conclusion:
This was a pocket-size guide on how to role Linux Find Command. I gathered these information equally much I could too establish them useful. Hope this benefits y'all too.
Sources:
- Wikipedia: http://en.wikipedia.org/wiki/Find
- TechMing: http://www.tecmint.com/35-practical-examples-of-linux-find-command/
