Learn best practices for safely creating and cleaning up temporary files in your Bash scripts using mktemp, traps, and secure patterns.

Learn how to create interactive, user-friendly command-line menus using select, PS3, and simple loops in Bash.

Learn how to unlock the power of xargs in Bash to build fast, flexible command pipelines without forking too many subshells.

Bash Scripting Sunday #2: Writing a Safe and Robust Bash Script

In today’s post, I’d like to give some insight into writing safer scripts using Bash’s built-in options.

Why Script Safety Matters

A poorly written script can cause unintended data loss, infinite loops, or security vulnerabilities. Writing robust scripts ensures they behave predictably and handle errors gracefully.

1. Enabling Safe Bash Options

Bash provides built-in options to catch errors early and prevent common pitfalls.

Bash Scripting Sunday #1: Bash Parameter Expansion - Save Time and Avoid Subshells

In this entry, I’d like to show you how to use Bash Parameter Expansion to make your life a little easier, your scripts a little quicker, and use less resources.

Here’s an example script that isn’t using Bash Parameter Expansion:

#!/usr/bin/env bash
filename="/path/to/file.txt"
echo "Basename: $(basename $filename)"      # file.txt
echo "Dirname: $(dirname $filename)"        # /path/to

This script will output:

Ward Christensen - 1945/10/23 - 2024/10/11 (78 years)

Ward Christensen was a pioneer whose contributions laid the foundation for much of the online world we know today. His passing on October 11, 2024, marks the loss of a visionary who, alongside Randy Suess, helped create the first bulletin board system (BBS), a groundbreaking innovation that connected people in ways never before imagined.

Back in 1978, when the idea of communicating with others via a computer was still in its infancy, Ward Christensen and Randy Suess saw an opportunity to leverage their technical knowledge to build something transformative. They created the CBBS, or Computerised Bulletin Board System, in Chicago during a particularly harsh winter. That vision not only pioneered what would eventually evolve into today’s online forums, message boards, and social media platforms but also helped foster a sense of community among early computer enthusiasts.

Scaling Up: Migrating Our Mastodon Media Storage to DigitalOcean Spaces

Hello again!

It’s been a few months since launching our Mastodon instance, and I’m delighted with how well everything has been going. Our community has grown, and the interactions have been engaging and meaningful. I am thrilled to see such vibrant conversations and connections blossoming in our space.

However, with this growth came a pleasant challenge: our local storage quickly filled up with all the media files shared by our users. Photos, videos, and other media-rich posts were becoming increasingly difficult to manage with the limited local storage we initially set up.

Join the Conversation: Launching Our Mastodon Instance

Hello there!

We are thrilled to announce the launch of our very own Mastodon instance! For those unfamiliar, Mastodon is a decentralised social network where users can post, follow, and interact in a space that prioritises privacy and community control. Think of it as a breath of fresh air in the social media landscape, offering a more personal and secure way to connect with others.

Introduction:

In our previous blog post, we explored how to use the getcap command in Linux to identify binaries with dangerous capabilities that could potentially be exploited for privilege escalation. In this follow-up post, we will delve into leveraging the power of GTFOBins (Get The F**k Out Binary) to escalate privileges using these identified binaries. GTFOBins provides a curated list of Unix binaries and their abuse potential, opening up avenues for privesc. Let’s dive in!

Introduction:

Privilege escalation is a critical concern in Linux system security. One common avenue for achieving privilege escalation is through exploitable binaries. In this blog post, we will explore how to utilise the getcap command in Linux to identify binaries that possess dangerous capabilities, providing potential opportunities for privesc.

What is getcap?

The getcap command is used to retrieve the file capabilities of binaries in Linux systems. File capabilities are a feature introduced to enhance security by providing specific permissions to execute certain operations without requiring full root privileges. However, if misconfigured or utilised improperly, these capabilities can become security vulnerabilities.