If you are just looking for a word you can use a for loop.
STRING="upgrade this if you can"
for x in $STRING; do
echo $x
if [ "$x" = 'upgrade' ]; then
echo found
y=$x
break
fi
done
echo $y
If upgrade is always in the same position you could try array assignment.
declare -a z
z=($STRING)
echo ${z[0]}
Try adding the -a or --binary-file=text options
grep -aE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' file.pcap
or
grep --binary-file=text -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' file.pcap
This appears to work for a random pcap file that I downloaded from wiki.wireshark.org i.e.
$ grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' NTLM-wenchao.pcap
Binary file NTLM-wenchao.pcap matches
but
$ grep -aE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' NTLM-wenchao.pcap
Host: 192.168.0.55
Host: 192.168.0.55
Host: 192.168.0.55
Location: http://192.168.0.55/default.aspx
MicrosoftSharePointTeamServices: 12.0.0.6421
<body><h1>Object Moved</h1>This document may be found <a HREF="http://192.168.0."_?"_Ea@yÀ¨[À¨ÃPþµû%RÑ_Pü>ÕGET /default.aspx HTTP/1.1
Host: 192.168.0.55
etc.
Be aware of the warning (from the man page man grep) that
If TYPE is text, grep processes a binary file as if it
were text; this is equivalent to the -a option. Warning: grep
--binary-files=text might output binary garbage, which can have
nasty side effects if the output is a terminal and if the
terminal driver interprets some of it as commands.
Note that although you can use the \d regex (for digit), it is only supported by grep in PCRE mode (i.e. with the -P switch).
Best Answer