©атсн²² (in)sесuяitу

Because we're damned if we do, and we're damned if we don't!

  • Archives


  •  Subscribe in a reader

  • Twitter

«
»

Find files between 2 dates

Posted by ChrisJohnRiley on November 29, 2009

I thought I’d share a little tip I found recently. I was searching for a way to find files created between 2 dates on a Linux box. There’s a lot of reasons you might want to do this. Maybe you need to archive some files, maybe you’ve been breached and need to check what files have been modified. Whatever the reason, these are the commands to run that will do the job for you.

  • touch -m -t 200901010000 /tmp/startdate
  • touch -m -t 200801012359 /tmp/enddate
  • find . -newer /tmp/startdate ! -newer /tmp/enddate

The touch commands will create 2 reference files with the timestamp 01.01.2009 00:00 and 01.01.2009 23:59. Using these reference files you can then run the find command to find everything newer than the first file, but NOT newer than the second file. Remember to delete the files from /tmp when you’re done ;)

  • rm /tmp/startdate /tmp/enddate

I’ll try and write-up a script for the PenTester Scripting project when I get some time.

This entry was posted on November 29, 2009 at 3:39 pm and is filed under Security, Technology. Tagged: , , , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»