Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Find files between 2 dates

Leave a Comment Posted by on November 29, 2009

I thought I’d share a little tip I found recently. I was searching for a way to find files created between 2 dates on a Linux box. There’s a lot of reasons you might want to do this. Maybe you need to archive some files, maybe you’ve been breached and need to check what files have been modified. Whatever the reason, these are the commands to run that will do the job for you.

  • touch -m -t 200901010000 /tmp/startdate
  • touch -m -t 200801012359 /tmp/enddate
  • find . -newer /tmp/startdate ! -newer /tmp/enddate

The touch commands will create 2 reference files with the timestamp 01.01.2009 00:00 and 01.01.2009 23:59. Using these reference files you can then run the find command to find everything newer than the first file, but NOT newer than the second file. Remember to delete the files from /tmp when you’re done ;)

  • rm /tmp/startdate /tmp/enddate

I’ll try and write-up a script for the PenTester Scripting project when I get some time.

Advertisement
Security, Technology , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

Please log in to WordPress.com to post a comment to your blog.

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.