Abhishek Singh
Reputation: 9765
Unix Grep for hardcoded passwords
So as a part of audit, I want to find out if the application has any hardcoded password. Currently I am using the following command.
grep -irw "password" *
But I want it to match the following
password=ABC
password= ABC
password = ABC
any other combination including white spaces
How can that be done ?
So the intention is to
To match if there is a string starts with password, 0 or more spaces, =, 0 or more spaces, and then any 1 or more letters
Upvotes: 1
Views: 7649
Answers (1)
Wiktor Stribiżew
Reputation: 627335
You are most probably looking for
grep -irE '(password|pwd|pass)[[:space:]]*=[[:space:]]*[[:alpha:]]+' *
The regex is a POSIX ERE expression that matches
(password|pwd|pass)- eitherpasswordorpwdorpass[[:space:]]*=[[:space:]]*- a=enclosed with 0 or more whitespaces[[:alpha:]]+- 1 or more letters.
To output matches, add -o option to grep.
Upvotes: 2
Related Questions
- Matching password pattern in files using regex in egrep
- I need to grep for an exact word in password file but I get two responses back
- Unix Grep command
- Unix Search (grep)
- Grep Shadow File Meaning
- unix shell script(grep command)
- Searching Linux Files for a string (i.e.root credentials)
- Unix grep command
- unix grep command
- grep command line, linux