Basic Linux Commands

Find

find <starting_location> -type <f/d> -name <name>

Example:

Other:

To specify user, use -user <user>
To specify size, use -size <bytes>
- byte = c; e.g. 2 bytes = 2c
- KiB = k; e.g. 2 KiB = 2k
- MiB = M; e.g. 2MiB = 2M
- You can also specify >, <
To specify permission, use -perm xxx / -perm u=r
- At least the permission -666 (e.g. -444 means readable by everyone)
- Match any permission set /666
To specify time:
- Create / Access / Modified = c / a / m
- ctime atime mtime cmin amin mmin
- Minute = min ; Day = time
- Created 7 days ago = -ctime -7
- Modified within the last 24 hours = -mtime 0

Network Configuration

ifconfig

Wireless Configuration

iwconfig

Print ARP Cache

arp -a

sed -i 's/original/new/g' file.txt

-i = in-place (save back to the original file)
s = the substitute command
original = a regular expression describing the word to replace (or just the word itself)
new = the text to replace it with
g = global (i.e. replace all)
file.txt = filename

Local Host <--> SSH Server <--> Remote Host

ssh -L <local_port>:<remote_ip>:<remote_port> <user>@<sshserver>

Another one (socks proxy):

ssh <ssh_user>@<ssh_server> -D<local_host>:<local_port> -N -C

If you have a Meterpreter session, you can add an ad-hoc route:

run autoroute -s <target_ip_range>
background

Then check the proxychain port via /etc/proxychain.conf

After knowing the port, start a socks4a handler in Metasploit:

use auxiliary/server/socks4a
set SRVPORT <proxy_chain_port>
run

Then you can use proxychains to reach the target:

proxychains <your_command>

Zone transfer

dig AXFR yourdomain.com @dns_server_ip

Reverse lookup

dig -x <ip_address> @dns_server_ip +no-cookie | grep PTR

useradd -p $(openssl passwd -1 password) -m newadmin --groups sudo

echo "<password>" | passwd --stdin <user>

grep -r "xxxx" * 2>&1 /dev/null

Last updated 4 years ago