jdavidbakr · April 6, 2022 19:02
diff --git a/sensitivescan.sh b/sensitivescan.sh
 #!/bin/bash
 if [ "$#" -ne 3 ]; then
    echo "Scan a database for credit card numbers and social security numbers, outputting to an html file with the numbers highlighted in their database insert statements."
    echo "Usage: sensitivescan.sh [db-server] [database] [output-html-filename]"
    echo "Requires mysqldump, grep, and aha installed on the server."
    exit
 fi
 echo "Scanning server $1 database $2 for sensitive information"


 tempfile=`mktemp`

 echo "###################################################################################" >> $tempfile
 echo "          Sensitive scan dump $1:$2 `date`" >> $tempfile
 echo "###################################################################################" >> $tempfile
 echo >> $tempfile

 tables=`echo "show tables;" | mysql -N -h $1 $2`

 for table in $tables
 do
    echo "`date` scanning $table"
    echo "##########################" >> $tempfile
    echo "   $2.$table" >> $tempfile
    echo "##########################" >> $tempfile

    mysqldump -h $1 $2 --extended-insert=false --no-create-info --compact $table | grep -E --color=always "[^0-9a-zA-Z-](([3456][0-9]{3}([ +-])?[0-9]{4}([ +-])?[0-9]{4}([ +-])?[0-9]{4}([ +-])?)|(3[0-9]{3}([ +-])?[0-9]{6}([ +-])?[0-9]{5})|(3[0-9]{3}([ +-])?[0-9]{6}([ +-])?[0-9]{4})|([0-9]{3}[ +-][0-9]{2}[ +-][0-9]{4}))[^0-9a-zA-Z-]" >> $tempfile
 done

 echo >> $tempfile
 echo "################################################" >> $tempfile
 echo "   Scan complete `date`" >> $tempfile
 echo "################################################" >> $tempfile

 cat $tempfile | aha --black > $3 && rm $tempfile
	#!/bin/bash
	if [ "$#" -ne 3 ]; then
	echo "Scan a database for credit card numbers and social security numbers, outputting to an html file with the numbers highlighted in their database insert statements."
	echo "Usage: sensitivescan.sh [db-server] [database] [output-html-filename]"
	echo "Requires mysqldump, grep, and aha installed on the server."
	exit
	fi
	echo "Scanning server $1 database $2 for sensitive information"


	tempfile=`mktemp`

	echo "###################################################################################" >> $tempfile
	echo " Sensitive scan dump $1:$2 `date`" >> $tempfile
	echo "###################################################################################" >> $tempfile
	echo >> $tempfile

	tables=`echo "show tables;" \| mysql -N -h $1 $2`

	for table in $tables
	do
	echo "`date` scanning $table"
	echo "##########################" >> $tempfile
	echo " $2.$table" >> $tempfile
	echo "##########################" >> $tempfile

	mysqldump -h $1 $2 --extended-insert=false --no-create-info --compact $table \| grep -E --color=always "[^0-9a-zA-Z-](([3456][0-9]{3}([ +-])?[0-9]{4}([ +-])?[0-9]{4}([ +-])?[0-9]{4}([ +-])?)\|(3[0-9]{3}([ +-])?[0-9]{6}([ +-])?[0-9]{5})\|(3[0-9]{3}([ +-])?[0-9]{6}([ +-])?[0-9]{4})\|([0-9]{3}[ +-][0-9]{2}[ +-][0-9]{4}))[^0-9a-zA-Z-]" >> $tempfile
	done

	echo >> $tempfile
	echo "################################################" >> $tempfile
	echo " Scan complete `date`" >> $tempfile
	echo "################################################" >> $tempfile

	cat $tempfile \| aha --black > $3 && rm $tempfile