vigack · September 20, 2017 04:10
diff --git a/fkcracker.sh b/fkcracker.sh
 # 原型，打印出所有ip，但是会重复，且ip之间没有换行
 perl -ne 'print $1 if(/Failed password.+(\d+.\d+.\d+.\d+)/)' /var/log/secure*

 # 发现上面那个命令没有打印全ip，改为下面的，这样就会获得完整ip并且ip之间换行了
 perl -ne 'print "$1\n" if(/Failed password\D+(\d+\.\d+\.\d+\.\d+)/)' /var/log/secure*

 # 使用{3}来缩减代码量
 perl -ne 'print "$1\n" if(/Failed password\D+((\d+\.){3}\d+)/)' /var/log/secure*

 # 去重，这个感觉比较麻烦，因为如果用数组或者哈希的话，就不能用-n来去掉外面那层while(<>){...}了
 # 那还不如用sort, uniq了
 perl -ne 'print "$1\n" if(/Failed password\D+((\d+\.){3}\d+)/)' /var/log/secure* | sort | uniq -c

 # 还可以根据重复次数排序
 perl -ne 'print "$1\n" if(/Failed password\D+((\d+\.){3}\d+)/)' /var/log/secure* | sort | uniq -c | sort -rn
	# 原型，打印出所有ip，但是会重复，且ip之间没有换行
	perl -ne 'print $1 if(/Failed password.+(\d+.\d+.\d+.\d+)/)' /var/log/secure*

	# 发现上面那个命令没有打印全ip，改为下面的，这样就会获得完整ip并且ip之间换行了
	perl -ne 'print "$1\n" if(/Failed password\D+(\d+\.\d+\.\d+\.\d+)/)' /var/log/secure*

	# 使用{3}来缩减代码量
	perl -ne 'print "$1\n" if(/Failed password\D+((\d+\.){3}\d+)/)' /var/log/secure*

	# 去重，这个感觉比较麻烦，因为如果用数组或者哈希的话，就不能用-n来去掉外面那层while(<>){...}了
	# 那还不如用sort, uniq了
	perl -ne 'print "$1\n" if(/Failed password\D+((\d+\.){3}\d+)/)' /var/log/secure* \| sort \| uniq -c

	# 还可以根据重复次数排序
	perl -ne 'print "$1\n" if(/Failed password\D+((\d+\.){3}\d+)/)' /var/log/secure* \| sort \| uniq -c \| sort -rn