ls -la: list files (including hidden)
permission bit values: 4 = read, 2 = write, 1 = execute
uname -a OS version
lsb_release -a OS version
cat /etc/os-release OS version
neofetch is a great tool for this
hostnamectl set-hostname name: set the hostname
locate: find files by name from an index (run updatedb to refresh the index after changes to disk)
whereis: find binary
which: find in path variable
whatis: short man description of command
find <path> -type f -name <pattern>: find regular files by name
lsof – list open files
nl: add number to lines
tail -n+507 /etc/snort/snort.conf | head -n 6 (prints lines 507 to 512)
example: nl /etc/snort/snort.conf | grep output
sed: can be used to replace words, ex: sed 's/mysql/MySQL/g' /etc/snort/snort.conf > snort2.conf
netstat -ano: list all sockets (numeric addresses, with timers)
crontab -l: lists the current user's scheduled cron jobs
sudo -i: start a login shell as root
service – manually manage services
systemctl – can make services auto start/stop on startup
sudo systemctl enable name.service
sudo systemctl disable name.service
/etc/systemd/system: location of the unit files for some services
echo "hello" | cut 1 > log.txt 2>&1 (sends any errors from that command to the log file as well)
echo "hello" | abc > log.txt 2>/dev/null (errors are discarded and do not go to the log file)
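The two redirection forms above side by side, plus the ordering mistake (2>&1 before the file redirect) that silently loses the error; this is an added example, not part of the original notes, and "abc" is a deliberately nonexistent command so the shell prints an error to stderr.

```shell
#!/bin/bash
# Added example, not from the original notes: where stdout and stderr land with the two
# redirection forms in the notes, plus the ordering mistake that silently loses the error.
# "abc" is a deliberately nonexistent command so the shell prints an error to stderr.
# The "|| true" after each failing pipeline only keeps "set -e" from aborting the demo.

# Count lines mentioning "abc" (the error text) in a file; prints 0 for an empty file.
count_abc() { grep -c abc "$1" 2>/dev/null || true; }

# "> log 2>&1": stdout goes to the log, then stderr is pointed at the same place,
# so the "command not found" message ends up in the log file.
log_both() {
    log=$(mktemp)
    echo "hello" | abc > "$log" 2>&1 || true
    count_abc "$log"            # 1
    rm -f "$log"
}

# "> log 2>/dev/null": stdout to the log, stderr discarded; the log stays empty.
log_stdout_only() {
    log=$(mktemp)
    echo "hello" | abc > "$log" 2>/dev/null || true
    count_abc "$log"            # 0
    rm -f "$log"
}

# Reversed order "2>&1 > log": stderr is copied to where stdout pointed *before* the
# file redirect (here: the caller's stdout, captured into $leaked), and only stdout
# goes to the log. Prints "<error lines in log> <error lines leaked to caller>".
log_reversed_order() {
    log=$(mktemp)
    leaked=$(echo "hello" | abc 2>&1 > "$log") || true
    printf '%s %s\n' "$(count_abc "$log")" "$(printf '%s\n' "$leaked" | grep -c abc)"   # 0 1
    rm -f "$log"
}
```

On a real command this is the difference between a log that contains the failure and a log that looks clean while the error scrolled past on the terminal.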
env show variables
ip addr – IP address
ip neighbor – ARP cache
mtr – similar to traceroute
ip addr|ifconfig: show network settings
ifconfig eth0 down; ifconfig eth0 hw ether 00:11:22:33:44:55; ifconfig eth0 up: change the MAC address
dhclient eth0: request DHCP
dig domain [type]: DNS lookup
/etc/hosts: local host file
/etc/resolv.conf: local nameserver settings
apt-cache search keyword: searches package names and descriptions
apt-get download package: downloads the .deb without installing it
apt-get install package: installs
apt-get remove package: removes, doesn’t remove config files
apt-get purge: removes config files from installed software
apt autoremove package: removes libraries and dependencies installed with the package that are no longer used by anything else
apt-get update: updates package info from repositories
apt-get upgrade: upgrades all packages from repositories
/etc/apt/sources.list: repo file
note: if software isn't listed in any repo, use git to clone it from GitHub
dpkg -i package.deb: installs a local .deb package
gdebi package.deb: installs a local .deb package and resolves its dependencies
chown: change ownership of a file
chgrp: change ownership of a file from one group to another
chmod: change permissions of a file
a file has owner (user), group, and other permissions; 777 = rwx for all three
umask: default permission mask applied to newly created files
free – lists free memory
df -H – disk usage
ps aux: list all processes from all users; pipe to grep to filter on a process name
htop or top (keys: t, m, z, h; r to renice; k to kill)
kill -1 PID: sends SIGHUP, which many daemons treat as a restart/reload
pkill: terminates by process name instead of PID
kill -9 PID: forcibly terminates a process (SIGKILL)
killall: kills by processname
process &: run it in the background, useful for a text editor so it doesn't hog the terminal
bg %job: resume a stopped job in the background
fg %job: bring a background job to the foreground
at: schedules a job to run once (needs the atd daemon running)
atd: the daemon that runs jobs queued with at
crond: the cron daemon, runs recurring scheduled jobs
example: at 7:20pm June 25 or at now + 20 minutes or at 7:20pm 06/25/2020
env: environment variables
set: all env and shell variables
example: set | grep HISTSIZE
example: to change a var: HISTSIZE=0; to reset it: HISTSIZE=1000
PS1="Something" (no $ when assigning)
export PS1: exports the variable so child processes also see it. Without export it is only set in the current shell session.
$PATH: binaries in these directories can be executed without typing their full path. If you have a custom program that you need to run without being in its directory, copy it to one of these locations or add its directory to the $PATH var: PATH=$PATH:/root/hackingtool
example:
export ip=google.com
echo $ip
ping $ip
export PATH=$PATH:/home/kali/Desktop (adds desktop to the PATH var)
#!/bin/bash: #! tells the kernel which interpreter to use, and /bin/bash means the Bourne Again Shell, the most widely used shell
read test: reads a line of input from the terminal into the $test variable
read ip
nmap -sT $ip -p 1433 >/dev/null -oG scan
tar -cvf file.tar file1.txt file2.txt (create tar file)
tar -tvf file.tar (view contents)
tar -xvf file.tar (extracts contents)
gzip, bzip2, compress
gunzip, bunzip2, uncompress
zip -r files.zip *
unzip
dd: bit by bit file copy of usb or storage system
under /dev:
sda: first SATA hdd
sdb: second SATA hdd
sda1: first SATA hdd partition1
sda2: first SATA hdd partition 2
fdisk -l: lists all the partitions of all the drives
lsblk: list block devices
/media, /mnt: the two usual mount points for flash drives
Note: You may have to manually mount a USB flash drive: first lsblk to find the device, then mount /dev/name /media. /etc/fstab is read on boot to mount devices automatically.
mount: mount a disk
umount: unmount a disk
df: disk free:Get info on mounted disks
fsck: check a filesystem for errors; umount the /dev/device first
smbclient //fqdn/share -U user: connect to an SMB share, then get/put files
timedatectl set-timezone
Symlink
ln: hard link. Creates a second name for the same file data rather than a separate copy, so modifying the content through either name changes the one shared file
ln -s: symbolic link. Makes a shortcut. Deleting the file will render the shortcut useless. Can make a shortcut to a folder path.
example: ln -s /opt/nessus/sbin nessus
Note: The difference between symbolic links and a hard links is that a symbolic link file points to the filename of another file and a hard link file points to the contents of another file
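The hard link versus symlink behaviour described in the Symlink notes, checked by inode number and by what still works after the original name is deleted. This is an added example, not part of the original notes; it assumes GNU stat (Linux) for stat -c %i and uses a scratch directory from mktemp.

```shell
#!/bin/bash
# Added example, not from the original notes: a hard link versus a symbolic link,
# checked by inode number and by what still works after the original name is deleted.
# Assumes GNU stat (Linux) for "stat -c %i".

# Create a scratch directory holding a file, a hard link to it and a symlink to it;
# prints the directory path.
setup_links() {
    dir=$(mktemp -d)
    echo "original content" > "$dir/file.txt"
    ln    "$dir/file.txt" "$dir/hard.txt"     # hard link: a second name for the same inode
    ln -s "file.txt"      "$dir/soft.txt"     # symlink: a small file holding the path "file.txt"
    echo "$dir"
}

# Prints "same" when two paths are the same inode (hard links), else "different".
# stat without -L reports the symlink's own inode, not its target's.
same_inode() {
    if [ "$(stat -c %i "$1")" = "$(stat -c %i "$2")" ]; then echo same; else echo different; fi
}

# Prints "ok" if the path can be read, "dangling" if not (a symlink whose target is gone).
readable() {
    if cat "$1" > /dev/null 2>&1; then echo ok; else echo dangling; fi
}

# Walk through the scenario from the notes and print what happens at each step.
link_demo() {
    d=$(setup_links)
    echo "hard vs original: $(same_inode "$d/file.txt" "$d/hard.txt")"     # same
    echo "soft vs original: $(same_inode "$d/file.txt" "$d/soft.txt")"     # different
    echo "modified" >> "$d/hard.txt"       # writing via the hard link changes the shared data
    echo "file.txt now has $(wc -l < "$d/file.txt") lines"                 # 2
    rm "$d/file.txt"                       # remove the original name only
    echo "hard link after rm: $(readable "$d/hard.txt")"                   # ok
    echo "symlink after rm:   $(readable "$d/soft.txt")"                   # dangling
    rm -rf "$d"
}

link_demo
```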
SCP
scp /path/to/file username@a:/path/to/destination
scp username@b:/path/to/file /path/to/destination
TCP Wrappers
/etc/hosts.allow/deny
rsyslog rule format: facility.priority action
shred -f -n 10 /var/log/auth.log.*
service rsyslog stop
ufw runs on top of iptables and is easier to use: sudo ufw enable, then sudo ufw status
sudo ufw allow 80
SMB Signing
/etc/samba/smb.conf
Under the [global] section:
server signing = mandatory
client signing = mandatory
Upgrade OS
First, update the system with the following commands:
sudo apt update
sudo apt upgrade
sudo apt dist-upgrade
sudo apt autoremove
sudo apt install update-manager-core
sudo do-release-upgrade
XRDP
*Make sure you are logged off locally before trying to RDP to Linux*
sudo apt install xrdp
sudo usermod -a -G ssl-cert xrdp
sudo systemctl restart xrdp
sudo ufw allow from IP/32 to any port 3389
sudo ufw reload
Nutanix Guest Tools
sudo apt-get install lvm2
sudo python3 install_ngt.py
Docker
sudo apt install docker.io
sudo apt install docker-compose
sudo nano docker-compose.yml
sudo docker-compose up -d
docker ps
docker images
Portainer is used for docker management