Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Find files between 2 dates

1 Comment Posted by on November 29, 2009

I thought I’d share a little tip I found recently. I was searching for a way to find files created between 2 dates on a Linux box. There’s a lot of reasons you might want to do this. Maybe you need to archive some files, maybe you’ve been breached and need to check what files have been modified. Whatever the reason, these are the commands to run that will do the job for you.

  • touch -m -t 200901010000 /tmp/startdate
  • touch -m -t 200801012359 /tmp/enddate
  • find . -newer /tmp/startdate ! -newer /tmp/enddate

The touch commands will create 2 reference files with the timestamp 01.01.2009 00:00 and 01.01.2009 23:59. Using these reference files you can then run the find command to find everything newer than the first file, but NOT newer than the second file. Remember to delete the files from /tmp when you’re done 😉

  • rm /tmp/startdate /tmp/enddate

I’ll try and write-up a script for the PenTester Scripting project when I get some time.

Security, Technology , , ,

One response to “Find files between 2 dates

  1. Imran February 29, 2012 at 12:12

    find . -type f -newermt “2008-01-01” ! -newermt “2009-01-01”

    if you are not particular about time, you can also use this

%d bloggers like this: