<파일 비교>
cd app_old
find . -type f -exec md5sum {} \; | sed "s/*\.\//\.\//" > ../app_old.md5
cd ../app_new
find . -type f -exec md5sum {} \; | sed "s/*\.\//\.\//" > ../app_new.md5
cd ../bundle_old
find . -type f -exec md5sum {} \; | sed "s/*\.\//\.\//" > ../bundle_old.md5
cd ../bundle_new
find . -type f -exec md5sum {} \; | sed "s/*\.\//\.\//" > ../bundle_new.md5
<신규 또는 변경된 파일만 추출>
mkdir app_newfile
diff app_old.md5 app_new.md5 | grep "^>" | awk '{print "./app_new/"$3}' | while read line; do cp $line app_newfile; done;
<문자열 일괄 추출>
find . -type f -exec echo '[FILE] '{} \; -exec strings {} \; > ../app_new_str.txt
find . -type f -exec echo '[FILE] '{} \; -exec strings {} \; > ../bundle_new_str.txt
<파일 상태 비교를 통한 침해여부 판단>
cat DIR.list | while read line; do find $line -type f; done |sort > new_file_list
cat FILE.list |sort > old_file_list
diff old_file_list new_file_list > diff.txt
<md5 hash 다시 만들기>
cat FILE.list.md5sum | awk '{print $2}' | while read line ; do md5sum $line; done > cur_md5