Useful Commands

Generate MD5 Hash

  • echo -n <keyword> | md5sum

IFS variable: (Internal Field Separator)

The default field separator is ' ' (space)

for i in $(ps -eo command);do echo $i;done

To change: [Don’t separate based on ‘space’ but on new line]

IFS=$'\n'
for i in $(ps -eo command);do echo $i;done
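The effect of IFS on the loops above, as an added example that is not part of the original page. The constructed `sample_ps` output stands in for `ps -eo command`, and all function names are hypothetical.

```bash
#!/usr/bin/env bash
# Constructed sample standing in for `ps -eo command` output.
sample_ps() {
  printf '%s\n' 'COMMAND' '/usr/sbin/sshd -D' \
    'python3 -m http.server 8000' 'bash'
}

# A literal newline; in bash this is the same value as $'\n'.
NL='
'

# Default splitting (space, tab, newline): each argument becomes an item.
# The ( ... ) body is a subshell, so IFS and set -f do not leak to the caller.
fields_default() (
  unset IFS          # unset IFS behaves like the default value
  set -f             # no filename expansion of words such as '*'
  for i in $(sample_ps); do printf '[%s]\n' "$i"; done
)

# IFS set to newline only: one item per process command line.
fields_newline() (
  IFS=$NL
  set -f
  for i in $(sample_ps); do printf '[%s]\n' "$i"; done
)

# Alternative that never relies on word splitting: read line by line.
fields_read() {
  sample_ps | while IFS= read -r line; do printf '[%s]\n' "$line"; done
}

# Number of items a splitter function produces.
count() { "$1" | wc -l | tr -d ' '; }

echo "default IFS : $(count fields_default) items"
echo "IFS=newline : $(count fields_newline) items"
echo "read -r     : $(count fields_read) items"
```

Setting IFS inside a subshell (or saving and restoring it) keeps the change from affecting later commands in the same session.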

Wget: --no-parent: Do not ascend to the parent directory when retrieving recursively | --reject: file name suffixes to reject | -r: recursive

wget --no-parent --reject "index.html*" -r http://10.10.10.34/jailuser/dev/

The Git Log tool allows you to view information about previous commits that have occurred in a project.

git log --all
git show <commit-hash>

Connect to an HTTPS service

openssl s_client -connect <hostname>:<port>

When using shell, enable 'clear'

export TERM=xterm-color

Creating a user | Changing the password for current user

adduser frank
passwd 

Man Command : Both commands search for a keyword in man description

  • man -k searchword

  • man -k '^passwd$' [match the entire line and avoid sub-string matches]

  • apropos searchword

Services :

  • Available services: systemctl list-unit-files

  • Start: systemctl start service_name

  • Start at boot : systemctl enable apache2

  • Disable: systemctl disable service_name

  • Grep services: ss -antlp | grep service_name

Package Management

python : Avoid package dependencies

  • It's always recommended you use a virtual environment like venv when installing Python dependencies.

  • venv (Python 3) and virtualenv (Python 2) allow you to manage separate package installations for different projects. They essentially allow you to create a “virtual” isolated Python installation and install packages into that virtual installation. It is always recommended to use a virtual environment while developing Python applications.

sudo apt-get install python3-venv 

#venv will create a virtual Python installation in the env folder.
python3 -m venv env

#Activate virtual environment.
source env/bin/activate

#Confirm path
which python

#Exit virtual environment
deactivate

#Adding to PATH env variable
<Path> ensurepath

#Transferring dependencies to target for tools
pip download -r requirements.txt
pip install --no-index --find-links /path-to-download/dir -r requirements.txt

apt : Advanced Package Tool

  • Check if present in Kali repository: apt-cache search packagename

  • Remove including config files: apt remove --purge

Install: dpkg -i package.deb

Environment Variables

  • export b=10.10.10.97

    • nmap -Pn $b

    • Bash History Customization

      • export HISTCONTROL=ignoredups

      • export HISTIGNORE="ls:[bf]g:exit:history"

      • export HISTTIMEFORMAT='%F %T '

  • env

Piping

Every program run from the command line has three data streams connected to it

Stream Name   Value   Description
STDIN         0       Input
STDOUT        1       Output
STDERR        2       Error messages

ls ./test 2>error.txt
cat error.txt
ls: cannot access './test': No such file or directory

PHP shell fu

exec("whoami")
scandir(".")
scandir("/home")
readfile("/home/file.txt")
echo $variable_name
file_get_contents("filename")

Generating a certificate

#Get private key(ca.key) 
#1.Create Certificate Signing Request(CSR)
openssl req -new -key ca.key -out server.csr
#2.Generate a certificate
openssl x509 -req -days 365 -in server.csr -signkey ca.key -out server.crt
#3.Create a PKCS12 certificate 
openssl pkcs12 -export -in server.crt -inkey ca.key -out server.p12
  • Import certificate to browser

  • Clear current ssl exception, and reload https://url.com

Backgrounding processes

#Status of jobs
jobs
#Run and send to background
ping -c 100 127.0.0.1 &   
#Brings job to foreground
fg %1
#Suspend job after it has already started
Ctrl+Z
#Resume job in the background
bg
  • %

    • %Number : Refers to a job number such as %1 or %2

    • %String : Refers to the beginning of the suspended command’s name such as %commandNameHere or %ping

axel

Download accelerator that transfers a file from an FTP or HTTP server through multiple connections.

  • -n: used to specify the number of multiple connections to use.

  • -a : for a more concise progress indicator

  • -o : to specify a different file name for the downloaded file.

axel -a -n 5 -o report_axel.pdf https://www.offensive-security.com/reports/penetration-testing-sample-report-2013.pdf
Initializing download: https://www.offensive-security.com/reports/penetration-testing- 
File size: 27691955 bytes
Opening output file report_axel.pdf
Starting download

Connection 0 finished
Connection 1 finished
Connection 2 finished
Connection 3 finished

7za x backup.7z

Docker

Set up: https://linuxhint.com/install_docker_kali_linux/

#Installing packages
sudo systemctl enable docker
sudo docker pull <package>
sudo docker run <package>
