Eth0: External 10.9.0.0/24
Eth1: Internal 192.168.60.0/24
Linux Useful Commands
Install any software on Linux
# You should find it in .deb file format
# Then install it with the command below
# Finally call it by its name to run it
# Below I am installing Google Chrome
sudo dpkg -i google-chrome-stable_current_amd64.deb
google-chrome
Search for a text in a directory or a folder
grep -rnw '/path/to/somewhere/' -e 'pattern'
-r or -R is recursive, -n is line number, and -w stands for match the whole word.
-l (lower-case L) can be added to just give the file name of matching files.
-e is the pattern used during the search.
Start a service in Linux
sudo systemctl start ssh
sudo service ssh start
Show the IPv4 address you got:
ifconfig | grep "inet "
How to get a directory downloaded from a URL using wget
# -r: flag is for recursive
# --no-parent: do not ascend to the parent directory
wget --no-parent -r http://WEBSITE.com/DIRECTORY
Find and delete duplicate files using fdupes
# Description: Find and delete duplicate files.
# Example: fdupes -rdN /path/to/directory
fdupes -rdN /path/to/directory
Return the public ip address of a machine
curl https://ipinfo.io/ip ; echo
# ========= try this too
dig +short txt ch whoami.cloudflare @1.0.0.1
# ====== try wget without a server running on the machine
wget <ip_server>
# use tcpdump to retrieve the ip filter with TCP protocol.
Using Wget to download all files on a web server directory:
wget -r -np -nc -nH --tries=3 --timeout=30 --waitretry=5 --random-wait --no-check-certificate -q --show-progress "http://server:8080/folder/"
# the folder with all its content will be downloaded here
# You can use python3 -m http.server 8080 to create a web server for your content.
Network diagnostic tool mtr:
#Description: Network diagnostic tool that combines traceroute and ping.
#Example: mtr 8.8.8.8
mtr 8.8.8.8
The join command is used for joining lines of two files on a common field
join file1.txt file2.txt > joined.txt
2) Command: let
The let command in a single-line bash command:
let "sum = 5 + 2"; echo "Sum: $sum"
Output:
Sum: 7
The let command is used to calculate the sum of two numbers (5 and 2) and store the result in the variable sum. The echo command is used to display the value of the sum variable.
Change a Wi-Fi adapter to monitor mode
# First disable your adapter by this command
sudo ifconfig wlan0 down
# Run this command to kill any process that may interfere
# with the adapter.
sudo airmon-ng check kill
# Enable monitor mode
sudo iwconfig wlan0 mode monitor
# Finally enable the adapter back
sudo ifconfig wlan0 up
# Check your result by
sudo iwconfig
# wlan0 IEEE 802.11b ESSID:"" Nickname:"<WIFI@REALTEK>"
# Mode:Monitor
Changing the MAC of your machine
# Disable the interface that you want to modify
sudo ifconfig wlan0 down
# Change your MAC to whatever you prefer but make sure it starts
# with 00:xx:xx:xx:xx:xx
sudo ifconfig wlan0 hw ether 00:11:22:33:44:55
# Power up your network interface
sudo ifconfig wlan0 up
# Check the result
ifconfig
# The MAC you changed is temporary. It will go back to its
# original value once you reboot your machine.
# BSSID ==> the MAC of that network adapter.
# PWR ==> the power or strength of the signal; higher is better.
# Beacons ==> the number of frames sent by the network to broadcast its existence.
# Data ==> the number of data packets.
# /s ==> the number of data collected in that network.
# CH ==> the channel that the network runs on.
# MB ==> maximum speed supported by the network.
# ENC ==> the encryption used [WPA,WPA2,OPN,etc].
# CIPHER ==> the cipher used in the network [CCMP,WEP,etc].
# AUTH ==> authentication used in the network.
# ESSID ==> the name of the network
Logging out a user using ssh (log out from all sessions)
# Check who is currently logged in
who
# This command sends a KILL signal to all of the user's processes.
sudo pkill -SIGKILL -u <username>
# or
loginctl terminate-user <username>
# double check if that user got dropped.
who
Packet Sniffing on monitor mode adapter [Airodump-ng]
# This is a part of aircrack-ng tool.
# It is used to capture all packets within the range.
# display detail info about network SSID around us.
# Display connected clients.
# wlan0 can be any other adapter name
sudo airodump-ng wlan0
# To quit it hit Ctrl+C to exit
# You can use --band a to capture networks on the 5 GHz band
sudo airodump-ng --band a wlan0
# To capture both the 2.4 GHz and 5 GHz bands use --band abg
sudo airodump-ng --band abg wlan0
# Specify a SSID to sniff on provide[ --bssid 00:11:..:55 --channel
sudo airodump-ng --bssid 00:11:C3:2C:13:55 --channel 136 --write sniff wlan0
# The output table has all the clients connected to this network
# the BSSID ==> the MAC of the network we are sniffing
# the STATION ==> the clients' MACs
# the Frames ==> how many frames we collected from each client
Know who is currently logged in your machine
# Using the users command will print the name of the users
users
# Lists all users currently logged into the system along with their login time, idle time, process ID, and more.
# The -a option lists all users, including system users and users without a terminal session.
# The -H option prints the output in a format that is easier to read.
who -a -H
# You can also capture this information using this command
w
Know the last modified files in a directory
To know the last files modified, you can use the ls command with the -lt option, which will list files in the current directory sorted by modification time, with the most recently modified files listed first.
ls -lt
You can also use the find command to search for files modified within a certain timeframe. For example, to find all files modified in the last 24 hours, you can use:
find /path/to/directory -type f -mtime -1
Storing bash command and execute it by its name
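$ COMMAND=("stat" "/var/log/httpd/access_log")
# Quote the expansion so each element stays one argument.
# A "|" stored in the array would be passed to stat as a literal argument, so pipe outside the array.
$ "${COMMAND[@]}" | grep Modify
# The array elements are:
COMMAND[0]="stat"
COMMAND[1]="/var/log/httpd/access_log"
# You can combine all of it in one string too.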
Generate random MAC address:
- Save it into file and executed using
- Change the mode with chmod +x NameOfFile.sh
#!/bin/bash
hexcharsC="0123456789ABCDEF"
hexchars="0123456789abcdef"
# Six random hex digits, turned into three ":xx" groups
end=$( for i in {1..6} ; do echo -n ${hexchars:$(( $RANDOM % 16 )):1} ; done | sed -e 's/\(..\)/:\1/g' )
echo 8c:85:90$end
- Using openssl command:
openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//'
Check the OS version you are using
# This will print out the version and the distribution of OS you are running
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 22.04.1 LTS
Release: 22.04
Codename: jammy
# You can cat os-release to print the OS version
cat /etc/os-release
Find all hard drive connected to the machine
# show only hard drive
sudo lshw -class disk
# show CD-ROMs
sudo lshw -class disk -class tape
lsblk -o KNAME,TYPE,SIZE,MODEL
# this will show the GPU
lspci | grep -i vga
lspci | grep -i --color 'vga\|3d\|2d'
ubuntu-drivers devices
# https://linuxconfig.org/how-to-install-the-nvidia-drivers-on-ubuntu-22-04
find /usr/lib/modules -name nvidia.ko -exec modinfo {} \;
# ======== Tensorflow ======
# https://www.tensorflow.org/guide/gpu
import tensorflow as tf
print("Num GPUs Available: ", len(tf.config.list_physical_devices('GPU')))
To check linux architecture [arm,amd,etc]
# Check what operating system your server is running
uname -a
# Print whether the architecture is x86-64 or something else.
uname -m
# This will print out all the specifications of your machine
cat /proc/cpuinfo
How to read a hexdump-format file
- Something that looks like this can be opened using the command xxd -r
This command reads a hexdump file, and you can output it into another file.
# read the hexdump data.txt and save it into output file
xxd -r data.txt output
Hash sha1 a folder or a directory
tar -cf - ./{the folder} | sha1sum
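The tar stream hashed above also carries timestamps, ownership and entry order, so two copies with identical file contents can give different digests. A content-only variant, as an added example that is not from the original page; the name dir_digest, the use of sha256sum instead of sha1sum, and GNU find/sort/xargs are assumptions made here:

```sh
#!/bin/sh
# Added example: content-only digest of a directory tree.
# Assumptions (not from the page): GNU find/sort/xargs/sha256sum; the name dir_digest.

# dir_digest DIR
# Prints one SHA-256 digest that depends only on relative file paths and file
# contents, not on mtimes, owners or the order the files were created in.
# Symlinks and empty directories are ignored (-type f).
dir_digest() {
    dir=$1
    [ -d "$dir" ] || { echo "dir_digest: not a directory: $dir" >&2; return 2; }
    (
        cd "$dir" || exit 2
        # NUL-separated names survive spaces and newlines;
        # LC_ALL=C makes the sort order independent of the locale.
        find . -type f -print0 \
            | LC_ALL=C sort -z \
            | xargs -0 -r sha256sum -- \
            | sha256sum \
            | cut -d ' ' -f 1
    )
}

# Demo on two constructed trees: same contents, different creation order and mtime.
demo_dir_digest() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/a/sub" "$tmp/b/sub"
    printf 'alpha\n' > "$tmp/a/one.txt"
    printf 'beta\n'  > "$tmp/a/sub/two.txt"
    printf 'beta\n'  > "$tmp/b/sub/two.txt"
    printf 'alpha\n' > "$tmp/b/one.txt"
    touch -t 202001010000 "$tmp/b/one.txt"
    echo "a: $(dir_digest "$tmp/a")"
    echo "b: $(dir_digest "$tmp/b")"
    rm -rf "$tmp"
}
demo_dir_digest
```

Record the digest next to the data and compare it after a copy or restore; any changed, added, removed or renamed file changes the value.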
Change MAC address
- shut down your interface
sudo ifconfig eth0 down
# OR use this depends on your interface
sudo ifconfig en0 down
# Will change it to a MAC you specify
sudo ifconfig en0 ether RA:ND:OM:MA:C0
- Check your MAC address:
# Will return your Mac address
ifconfig en0 | grep ether
- After that you should bring it up
sudo ifconfig eth0 up
# OR use this depends on your interface
sudo ifconfig en0 up
Check the CPU type
lscpu
# -- or --
cat /proc/cpuinfo
Check Memory
cat /proc/meminfo
free
top
Remove the cache or clear the cache
sudo sh -c 'echo 3 > /proc/sys/vm/drop_caches'
Downloading directory using Wget
To avoid downloading the auto-generated index.html files, use the -R/--reject option.
Use -r for recursive and -np for no parent:
# wget recursive with no parent
wget -r -np -R "index.html*" http://example.com/configs/.vim/
Check CPU
lscpu
Check wireless adapter
iwconfig
# ip a
# ip r to show the routing table
# ip n shows the neighbor table, same as the [arp -a] table
show a list of all Mac addresses table
arp -a
show routing table of your machine
# It can tell you where traffic exit
route
List all the apps installed in Linux
apt list --installed
Firewall:
- install ufw
sudo apt-get install ufw
- Check the status of the firewall:
sudo ufw status
- Enable firewall:
sudo ufw enable
- Disable ufw:
sudo ufw disable
- Check the rules of the firewall:
sudo ufw status verbose
- Check the rules of the firewall numbered:
sudo ufw status numbered
- Add a rule in firewall:
sudo ufw allow in "Apache Full"
sudo ufw allow 22
- Remove a rule from the firewall:
sudo ufw delete allow ssh
sudo ufw delete allow 80/tcp
sudo ufw delete <rule-number>   # take the number from: sudo ufw status numbered
Remove a user from a group:
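# This deletes the account together with its home directory
sudo deluser --remove-home <user-name>
# --remove-all-files
# to remove all files
# Remove a user from a single group (passwd -d would delete the user's password instead)
sudo gpasswd -d username groupname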
Add a user to sudo group: ( change user mode)
usermod -aG sudo <user-name>
Find the largest folders in size on a directory
du -h --max-depth=1 | sort -rh | head -n 10
Find the largest files in size in a directory
ls -lSh | head -n 10
ls -lShR | grep '^-' | head -n 10
find . -type f -exec du {} + | sort -rn | head -n 10
ls -lSh:
-l: Displays the long listing format, showing file sizes and other details.
-S: Sorts files by size, largest first.
-h: Makes file sizes human-readable (e.g., KB, MB).
grep '^-': Filters only files (since directories are listed with a d at the beginning, and files have -).
head -n 10: Shows only the top 10 results
Change Hostname on Ubuntu 20.04 (No Reboot Required)
If you wish to permanently change the hostname without rebooting your computer, use the hostnamectl command.
- on Mac this file is under
/etc/hosts
How to ssh without ip (using domain name)
# On your local machine (the client) do this:
# add the bottom line below to the file /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
128.4.26.211 brserver
- You can set which IPs are allowed to ssh to the machine in
/etc/hosts.allow
/etc/hosts.deny
To change username and user's groupname (it is probably best to do this without being logged in):
sudo usermod -l newUsername oldUsername
sudo groupmod -n newUsername oldUsername
This however, doesn't rename the home folder.
To change home-folder, use
sudo usermod -d /home/newHomeDir -m newUsername
Step 1: Use set-hostname to Change the Hostname
Type the following command:
hostnamectl set-hostname new-hostname
Use your own hostname choice instead of new-hostname.
Step 2: Use hostnamectl to Confirm the Change
Just like the hostname command, if successful, hostnamectl set-hostname does not produce any output. Therefore, use hostnamectl to check the result.
Add a user
# -m creates a home directory with it; otherwise the user will have no home
sudo useradd -m <username>
# -d will specify where is location for the directory
useradd -m -d /PATH/TO/FOLDER USERNAME
# to jump to that user
su - <username>
###### NOTE ####
# after the creation make sure to add pass for it.
passwd USERNAME
## To change the root password from a sudo account do
sudo passwd root
Generate random password
# This will result in 16 characters (12 random bytes, base64-encoded). You can change it to whatever.
openssl rand -base64 12
# This does the same when no openssl
< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c12
Delete or Remove user
sudo deluser USERNAME
Check that you have sudo right
sudo -l
# If this command returns (ALL)ALL that means you are a sudo user
To check if a user has been added
# This will print the name of users
ls /home
Check your username
whoami
Switch to user or change to user
su AnyUserName
Show or Display all groups:
groups
disk free size, file management:
- Free, used disk space:
# check disk free space
df
#displays the usage on your primary hard drive
df -h /
# find a disk usage
du -sh
List all disks on linux
lsblk
lsblk -f
# Here is a better command
sudo lshw -class disk
# this will list all the disk too
sudo fdisk -l
Linux crontab command
The crontab command opens the cron table for editing. The cron table is the list of tasks scheduled to run at regular time intervals on the system.
crontab [-u user][-l | -r | -e] [-i] [-s]
# file -> Load the crontab data from the specified file. If file is a dash ("-"), the crontab data is read from standard input.
# -e -> Edit the current crontab, using the editor specified in the environment variable VISUAL or EDITOR.
# -i -> Same as -r, but gives the user a yes/no confirmation prompt before removing the crontab.
Change the IP of an UBUNTU server (Configure static IP):
- Change the user to root
sudo su -
- Edit the interfaces file
vi /etc/network/interfaces
- Add these lines toward the end of the file
iface ens160 inet static
address the:IPv4:address:needed
netmask 255.255.254.0
# find the gateway with: ip route | grep default
gateway 128.0.0.1
dns-nameservers 8.8.8.8
- Now you need to restart the interfaces
/etc/init.d/networking restart
- Check your network ping google.com
# if you try it with -c 1 it will do just one.
ping google.com
# Or you can ping its IP address
ping 8.8.8.8
- Ping local machines:
ping 128.X.X.X
- check your IP address
ifconfig
Show the route packets take in your network
ip route
Show the default gateway IP address
ip route | grep default
Install MySQL server:
sudo apt-get update
sudo apt-get install mysql-server
sudo mysql_secure_installation
- Open the MySQL server port 3306
sudo ufw allow mysql
- Enable MySQL server
sudo systemctl enable mysql
- Start MySQL server
sudo systemctl start mysql
- Check if MySQL running and enabled
sudo systemctl status mysql
- Export database into a file.sql
# This run on a local sql server
$ mysqldump -u USER_NAME -p DB_NAME > file_name.format
# For external sql server
$ mysqldump -u USER_NAME -p DB_NAME -h 192.168.0.15 > file_name.format
- Import .sql file into a database
# This run on a local sql server
$ mysql -u USER_NAME -p DB_NAME < file_name.sql
Change between users:
su username
Change user to root:
sudo su -
su -
See files sizes on current directory:
sudo find . -maxdepth 1 -mindepth 1 -type d -exec du -hs {} \; | sort -hr
Find and move files that match the filter
# NUL-separated names keep file names with spaces intact
find . -iname "*14:01:23*" -type f -print0 | xargs -0 -I {} mv {} 14-1-2023
Remove a single file, delete a file:
rm filename
Remove files with prompting configuration:
rm -i *.pdf
Remove all files with the same extension, delete files:
- remove all files at the current directory
rm -rf *.pdf
# another example
rm -rf *.mkv
Print with color in bash
Reset
# To reset the text to normal color
Color_Off='\033[0m'
#### initializing some colors
Red='\033[0;31m' # Red
Green='\033[0;32m' # Green
Yellow='\033[0;33m' # Yellow
Purple='\033[0;35m' # Purple
Cyan='\033[0;36m' # Cyan
Echo in color
# This will echo in Red color
echo -e "$Red Hello World! $Color_Off"
Check the services running
service --status-all
Add script to run when reboot, run a script when startup, startup script: (crontab)
Open and edit crontab:
crontab -e
- Example: when rebooting, run the command after 60 sec (add to the crontab file):
-f: Request to go to background
-N: Do not execute a remote command. Used for forwarding ports
-R: Specifies that connections to the given socket on remote server
-T: Disable pseudo-terminal allocation.
@reboot sleep 60 && ssh -f -N -T -R 22222:localhost:22 -i /home/teddy/.ssh
Install Apache server
update and upgrade your machine
sudo apt-get update && sudo apt-get upgrade -y
Install apache2
sudo apt-get install apache2
Check if the Apache2 is running:
sudo systemctl status apache2
Make sure that httpd is running when the machine boots up
sudo chkconfig httpd on
See all processes currently running:
See all processes of all other users:
ps -aux
if you want to see only ssh processes:
ps aux | grep ssh
if you want to see just the first 10
ps aux | head -10
See the routing table (Netstat):
Is a network statistic tool used to list active connections from and to your computer
show all active connections on your machine
netstat -ano
Show protocol-cloned routes; -n shows numeric addresses instead of domain names.
netstat -anr
Show routing table or the route the packet takes. It shows the "default gateway"
netstat -rn
netstat -r
netstat -an
netstat -n
Check and see if a port is used(open). Check if a port used 9191
netstat -tulnp | grep 9191
# To print all the ports that your system is listening on
netstat -tulpn | grep LISTEN
SSH:
Install SSH
sudo apt-get install openssh-server
Start / enable SSH server
# First you have to enable it to be able to start it
sudo systemctl enable ssh
# Then you can start it
sudo service ssh start
# or you can start it using this command
sudo systemctl start ssh
# On macOS
sudo launchctl stop com.openssh.sshd
sudo launchctl start com.openssh.sshd
SSH config file:
# the ssh config file is located on this folder
cd /etc/ssh/
# nano into the file sshd_config to edit the server configuration
sudo nano sshd_config
How to SSH without a password
- Generate an ssh key:
# this will generate a public and private keys stored on ~/.ssh
ssh-keygen -t rsa
- Append the public key to authorized_keys on the server.
# username@remote_host is a placeholder for your own login and server
cat ~/.ssh/id_rsa.pub | ssh username@remote_host "cat - >> ~/.ssh/authorized_keys"
# in Mac it should be in /var/root/.ssh/id_rsa
cat /var/root/.ssh/id_rsa.pub | ssh username@remote_host "cat - >> ~/.ssh/authorized_keys"
- ssh-keygen -t rsa should be executed on the local machine.
- The private 'id_rsa' should stay on the local machine in the ~/.ssh folder (~/.ssh/id_rsa).
- The public 'id_rsa.pub' should be copied to the remote server into ~/.ssh/authorized_keys
Steps you need to do on some servers:
You have to create the .ssh directory and the authorized_keys file the first time.
- Create the .ssh directory:
- Set the right permissions:
- Create the authorized_keys file:
- Set the right permissions:
mkdir ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
The permissions are important! It won't work without the right permissions!
Now you can add the public key to the authorized_keys file:
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
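The permissions set by hand above can be checked with a small audit script. This is an added example, not part of the original page; the function names, the message wording and the rule "no group/other permission bits on ~/.ssh, authorized_keys and private keys" are assumptions that match the 700/600 modes shown above:

```sh
#!/bin/sh
# Added example: audit the permissions that the steps above set by hand.
# Assumptions (not from the page): function names, message wording, and the
# rule that ~/.ssh, authorized_keys and private keys carry no group/other bits.

# perm_string PATH -> the nine permission characters from ls, e.g. "rwx------"
perm_string() {
    ls -ld -- "$1" | cut -c 2-10
}

# has_group_other_bits PATH -> true when any group or other bit is set
has_group_other_bits() {
    case $(perm_string "$1") in
        ???------) return 1 ;;
        *)         return 0 ;;
    esac
}

# audit_ssh_dir HOME_DIR
# Prints one finding per line; exit status 0 = clean, 1 = findings.
audit_ssh_dir() {
    ssh_dir=$1/.ssh
    status=0
    if [ ! -d "$ssh_dir" ] || [ -L "$ssh_dir" ]; then
        echo "MISSING $ssh_dir (expected a real directory, mode 700)"
        return 1
    fi
    if has_group_other_bits "$ssh_dir"; then
        echo "LOOSE $ssh_dir is $(perm_string "$ssh_dir"), expected rwx------ (chmod 700)"
        status=1
    fi
    ak=$ssh_dir/authorized_keys
    if [ -f "$ak" ] && has_group_other_bits "$ak"; then
        echo "LOOSE $ak is $(perm_string "$ak"), expected rw------- (chmod 600)"
        status=1
    fi
    # Private keys: every id_* file that is not a .pub file.
    for key in "$ssh_dir"/id_*; do
        [ -f "$key" ] || continue
        case $key in *.pub) continue ;; esac
        if has_group_other_bits "$key"; then
            echo "LOOSE $key is $(perm_string "$key"), expected rw------- (chmod 600)"
            status=1
        fi
    done
    return $status
}

# Demo on a constructed home directory: loose modes first, then the page's modes.
demo_audit() {
    home=$(mktemp -d) || return 1
    mkdir "$home/.ssh" && chmod 755 "$home/.ssh"
    : > "$home/.ssh/authorized_keys" && chmod 644 "$home/.ssh/authorized_keys"
    audit_ssh_dir "$home" || true
    chmod 700 "$home/.ssh"
    chmod 600 "$home/.ssh/authorized_keys"
    audit_ssh_dir "$home" && echo "OK after chmod 700/600"
    rm -rf "$home"
}
demo_audit
```

Run `audit_ssh_dir "$HOME"` on the server account after adding a key; a LOOSE line points at the file to chmod.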
Nmap
Is a network mapping tool. That means it's used to discover information about hosts on a network (their IP, open ports, etc.)
When port scanning with Nmap, there are three basic scan types. These are:
- TCP Connect Scans (-sT)
- SYN "Half-open" Scans (-sS)
- UDP Scans (-sU)
Additionally there are several less common port scan types, some of which we will also cover (albeit in less detail). These are:
- TCP Null Scans (-sN)
- TCP FIN Scans (-sF)
- TCP Xmas Scans (-sX)
sudo apt install nmap -y
Scan a host :
nmap hostIP
Scan when ping is blocked
nmap 128.175.13.74 -Pn
Scan for TCP open ports at a host
nmap hostIP
Scan for UDP open ports at a host
nmap -sU -F localhost
Scan TCP services running with their version
nmap -sV localhost
Scan the OS (Operating System) of a host with ping
sudo nmap -O localhost
Scan the OS without ping
sudo nmap -Pn -O localhost
Access all server files locally, share access files on the server (sshfs)
On your Mac, install sshfs from brew:
brew install sshfs
- You can install the most recent version of fuse from here: link to Fuse latest version
Now mount the folder to your local machine
# username@remote_host is a placeholder for your own login and server
sshfs username@remote_host:/ ~/Desktop/
Open Jupyter notebook from terminal
You need to be in the home folder:
cd ~
Then open Jupyter by typing this command
Numerical Base Conversions
- by hand: Base conversion
Convert Decimal to Binary
# obase is the output base, here 2 (binary)
# the number passed is 23
echo "obase=2; 23" | bc
Decimal to Octal number
# obase is the output base, here 8 (octal)
# the number passed is 23
echo "obase=8; 23" | bc
Decimal to Hex number
# obase is the output base, here 16 (hex)
# the number passed is 23
echo "obase=16; 23" | bc
Decimal to any base number
# obase is the output base, here 4
# the number passed is 23
echo "obase=4; 23" | bc
Binary to decimal
# ibase is the input base, here 2 (binary); the output is decimal
# the number passed is 11010101
echo "ibase=2; 11010101" | bc
Oct to decimal
# ibase is the input base, here 8 (octal); the output is decimal
# the number passed is 723
echo "ibase=8; 723" | bc
You can use the bc directly by
# To launch bc
bc
# Then specify the input and the output base you wish
ibase= 10
obase= 2
7
111
# This will show the binary output of 7 integer.
Open Jupyter on a server with Tunneling
# The first part is the regular ssh -NL to open that tunnel on localport:localhost:serverport
ssh username@nameOfTheServer -NL localport:localhost:serverOpenedPort
# run jupyter in the background on the remote server (keep it running in the background)
jupyter lab --no-browser --port=8888 &
# --ip=0.0.0.0 listens on every interface; with the SSH tunnel above the default (localhost) is enough
jupyter notebook --port=8082 --ip=0.0.0.0 --no-browser --allow-root &
# find the jupyter notebook token after it has been closed
jupyter notebook list
# Jupyter does not delete files; it stores them here
~/.local/share/Trash
Check the ram slots in your machine
sudo dmidecode --type 17
Check what GPU machine has installed
sudo lspci -v | less
sudo lshw -C display
nvidia-smi
Check the machine details (Factory, model, type ,etc)
sudo lshw | grep product | more
Nmap [Port Scanning]
# A = Look for Everything -p- = in All ports
nmap -T4 -A -p-
Open proxies in Saudi 🇸🇦
PORT | ANONYMITY TYPE | CHECKED (Oct-22, 19:42) | COUNTRY | CITY | ISP |
---|---|---|---|---|---|
8080 | transparent | Oct-22, 20:05 | Saudi Arabia | Riyadh | Arabian Interne... |
8080 | transparent | Oct-23, 02:07 | Saudi Arabia | Khobar | SaudiNet |
8080 | transparent | Oct-22, 20:05 | Saudi Arabia | Unknown | Arabian Internet |
iCloud Document directory in MacOs
# Make sure you update the command to match your username.
cd "/Users/username/Library/Mobile Documents/com~apple~CloudDocs"
Install zsh
sudo apt install zsh
# check the default shell
echo $SHELL
# without sudo, so it changes your own shell rather than root's
chsh -s "$(which zsh)"
# Start setting up zsh
zsh
# change the default shell for a user
# Return from zsh to the default bash shell
sudo chsh -s /bin/bash <username>
Install anaconda via homebrew
# brew command for anaconda
brew install --cask anaconda
# the path of anaconda = /usr/local/anaconda3
# if anaconda was not found or cannot be accessed by zsh
export PATH="/usr/local/anaconda3/bin:$PATH"
# if this was installed through brew it can be found under
# /opt/homebrew/anaconda3/bin
export PATH="/opt/homebrew/anaconda3/bin:$PATH"
# reload your ~/.zshrc
source ~/.zshrc
Update the $PATH on Mac
# remove something from $PATH or update it.
echo $PATH # and copy it's value. and remove what you don't need to be there.
# empty it
export PATH=""
# keep what you like.
export PATH="/path/you/want/to/keep"
Kill a process in Linux
# kill ProcessID
kill -9 10389
# you can find a process by
ps -eaf | grep "process_name" | grep -v grep| awk '{ print $2 }'
# kill the process one liner command
ps -eaf | grep "jupyter" | grep -v grep| awk '{ print $2 }' | xargs kill -9
Check where a package installed via brew
#Use the following to show the installation path of a package:
brew info anaconda
Copy file from a remote host to local host SCP example:
scp username@from_host:file.txt /local/directory/
Copy file from local host to a remote host SCP example:
scp file.txt username@to_host:/remote/directory/
Copy directory from a remote host to local host SCP example:
$ scp -r username@from_host:/remote/directory/ /local/directory/
Copy directory from local host to a remote host SCP example:
$ scp -r /local/directory/ username@to_host:/remote/directory/
Copy file from remote host to remote host SCP example:
$ scp username@from_host:/remote/directory/file.txt username@to_host:/remote/directory/
Copy files from source to destination without overwrite
# -n will copy all the files without overwriting in the destination
cp -n *.jpg ./copy
Make a directory
# directories called sa1,sa2,...,sa50
mkdir sa{1..50}
# same previous but each one has sax1,sax2,...sax50 inside
mkdir -p sa{1..50}/sax{1..50}
# 26 directories a12345,b12345,...,z12345
mkdir {a..z}12345
# directories 1,2, and 3
mkdir {1,2,3}
# today's date with format year month day and inside it has 1,2 and 3
mkdir -p `date '+%y%m%d'`/{1,2,3}
# the username and inside it has three directories 1,2, and 3
mkdir -p $USER/{1,2,3}
Date command
These are the most common formatting characters for the date command:
%D - Display date as mm/dd/yy
%Y - Year (e.g., 2020)
%m - Month (01-12)
%B - Long month name (e.g., November)
%b - Short month name (e.g., Nov)
%d - Day of month (e.g., 01)
%j - Day of year (001-366)
%u - Day of week (1-7)
%A - Full weekday name (e.g., Friday)
%a - Short weekday name (e.g., Fri)
%H - Hour (00-23)
%I - Hour (01-12)
%M - Minute (00-59)
%S - Second (00-60)
Download and install .sh file one command
curl -fsSL https://link.sh | sh
Docker
# install docker
sudo apt install -y docker.io
# how to enable docker
sudo systemctl enable docker --now
# to start docker after been closed
sudo systemctl start docker
# Add the user to the docker group
sudo usermod -aG docker $USER
# sometimes you run into permission denied; do the following command to refresh USER's groups
newgrp docker
# how to run hello world in docker
docker run hello-world
# apache server with DVWA (Damn Vulnerable Web Application)
# -p 127.0.0.1:80:80 instead of -p 80:80 keeps this deliberately vulnerable app reachable from this machine only
docker run --rm -it -p 80:80 vulnerables/web-dvwa
# Let DVWA start its apache server, then connect to it with any browser at localhost 127.0.0.1
# The user name is admin and the password is admin too
# you need to go down and reset the database and re-login
# the user is admin and the password is password now.
# Installing OWASP juice shop
docker run --rm -p 3000:3000 bkimminich/
# to remove a docker image
docker image rm -f IMAGE [IMAGE...]
# to list all the docker images
docker image ls
# to inspect a docker image architecture
docker image inspect [IMAGE...]
For Kali Linux
If you want to fix problems with Kali Linux, look for this guy called [Dewalt-arch]
# download the tool to fix kali issues [pip,pip3,golang gedit ,etc.]
git clone https://github.com/Dewalt-arch/pimpmykali
# navigate to it
cd pimpmykali
# run it with option 0 to fix all
sudo ./pimpmykali.sh
#For a new kali vm, run menu option N
Bash Scripting
# it is going to ping one time and store the result in that file.
# use >> to concatenate or append at the end of a file.
ping 10.10.10.1 -c 1 > test.txt
# will grab the line that has the occurrence of 64 bytes
# will split that line by the delimiter space and get field number 4
cat test.txt | grep "64 bytes" | cut -d " " -f 4
# the result will be >> 10.10.10.1
Installing Python2 and Python3
# This will get you Python 2.7 installed
sudo apt install python2
# This will get you the latest Python 3.X version
sudo apt install python3
Installing pip and pip3 in your machine
# This will install pip in your machine
sudo apt install python3-pip
# To check pip version
pip --version
# This will install pip2 in your machine
sudo apt install python-pip
Jupyter lab
# install jupyterlab
pip install jupyterlab
# start jupyter lab
jupyter lab /path/you/want
Open Jupyter remotely
# On the remote server that has Jupyter, open Jupyter without a browser and on a specified port
jupyter notebook --no-browser --port=8888
# From local machine that has the GUI do
# Open ssh tunnel to your server and tie your local port to the server one localPort:localhost:remotePort
ssh -L 8888:localhost:8888 your_server_username@your_server_ip
Compressing tools
file File.bin
# File.bin: gzip compressed data, was "data9.bin",
# last modified: Thu Sep 1 06:30:09 2022, max compression,
# from Unix, original size modulo 2^32 49
- TAR ( Software utility for collecting many files into one archive file and Extraction)
# ============= Compress ==================
# How to compress a whole directory in Linux or Unix
# You need to use the tar command as follows (syntax of tar command):
tar -zcvf archive-name.tar.gz source-directory-name
# ============= Decompress ================
# File should have extension like .tar
# Can be any compressed file. This command can uncompress most of the compressed files type such as zip,gz,tar,bz ,etc
tar -xvf FILE.GZ.TAR
tar -xzf FILE.GZ.TAR
# === This for bzip
tar -xjvf FILE
# =====Verbose
tar -xvzf /path/to/file.tar.gz
# ================ Split files into chunk ==============
tar czpvf - /image_data | split -d -b 6000M - malnet-image
# this will split the files into chunks of 6G each
# To combine all these files back again do
cat malnet-image* | tar xzpvf -
- bzip2
# File should have extension like .bz2
# This command to compress the file.
bzip2 File
# This command to uncompress a file .
bzip2 -d File.bz2
- gzip
# File should have extension like .gz
# This command to compress the file.
gzip File
# This command to uncompress a file .
gzip -d File.gz
Adding a path to your PATH directory
export PATH=$PATH:/user/any/place/you/wont/to/add/bin
# After updating any environment variables make sure to reload the profile by
source ~/.profile
# In case you are using zsh do
source ~/.zshrc
# To check if the path got added successfully do
echo $PATH
Environment Variables:
# This will print all the environment variables
env
ENV
#This variable displays all the environment variable.
# Standard environment variables are as follows:
PATH
#This variable contains a list of directories in which our system looks for files. It separates directories by a (:) colon.
USER
#This variable holds the username.
HOME
#This variable holds the default path to the user's home directory.
EDITOR
#This variable contains the path to the specified editor.
UID
#This variable contains the user's unique id.
TERM
#This variable contains the terminal type.
SHELL
#This variable contains the path to the default shell that is being used by the user.
Create Environment Variable
# To create a new variable, use the export command followed by a variable name and its value.
export NAME=VALUE
#To create a new variable say new_variable, execute the command as follows:
export new_variable=10
# The echo command is used to display the variable:
# To display the value of the variable, use the $ symbol before the variable name:
echo $new_variable
# add java JDK to path
export PATH=$PATH:/home/jdk1.8/bin/
Removing an Environment Variable
unset new_variable
AWK
# print a running total of column 14 next to each value of column 14
awk '{t+=$14; print t,$14}'
# this will turn the list of names in bad_ into mv commands that rename each name to end with _ and save them to aaa
cat bad_ | awk '{print "mv " $1 " " $1"_"}' > aaa
# You can run a command from inside awk and read its output with getline
awk '{ "ls" | getline f; close("ls"); print f, $1 }'
# You can do some calculation
awk '{print $1+$3 +$5}'
# remove the first three lines from a file
awk 'NR > 3 { print }' < t.txt
# remove the first and the last line in a file
awk 'NR>2 {print last} {last=$0}'
# Awk set delimiter as comma
awk -F',' '{print $3}' myfile.txt
# Sum all the second values in a file
awk '{n += $2}; END{print n}' <file-name>
#If you want to print each comma-separated value on a separate line using awk, you can use the following command:
awk -F, '{for (i=1; i<=NF; i++) print $i}'
egrep '^Hits@level = ' log | awk '{t+=$14; print t,$14}'
echo ===== summary '[5]'
egrep ' \[5\] .:' log | sort -u | pr -t -n
#egrep ' \[5\] .:' log | egrep -aiv testsuite | sort -u | pr -t -n
Hostname
# The hostname is what comes after the user@ in the prompt; it can be viewed by
hostname
# Or you can see more details by
hostnamectl
# To change it use
hostnamectl set-hostname 'whatever you wish'
# reboot
sudo reboot
Timing a command
# If you want to time a command or a script
time AnyScript
# Display a time when a file is created
ls -lt FileName
Links and Lynx change html format into text
lynx -dump FILE.html
Sed replace char or symbol by another
# this will replace any white space with a tab
sed -e 's/ /\t/g'
# This will replace any white space with a comma
sed -e 's/ /,/g'
Memory Layout
List only directory
Type the following command:
$ ls -l | grep '^d'
$ ls -l | egrep '^d'
Or better try the following ls command only to list directories for the current directory:
# This will list all the directories in the current directory
ls -d */
# If you want to delete all the directories but not the files do this
# this will remove all the directories recursively (the glob keeps names with spaces intact)
for i in */; do rm -rf -- "$i"; done
Find files modified within 7 days
# Current directory find any file that ends in c or h that has been modified within 7 days.
find . -iname "*.[ch]" -mtime -7
# You can add more extensions to the command above with -o -iname "*.html"; this will cover the html files.
# Group the alternatives with \( \) so that -mtime applies to all of them.
find . \( -iname "*.[ch]" -o -iname "*.html" \) -mtime -7
#----------------
# d - directory
# f - file
# l - symbolic link
# s - socket
# p - named pipe (used for FIFO)
# b - block special (usually a hard drive designation)
#-----------------
# "-maxdepth 2" is an option that limits the depth of the search, here to 2 levels below this directory
# find regular files named apache2, starting from the root directory
find / -type f -name apache2
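An added example (not part of the original notes) showing how find parses -o together with -mtime: without the \( \) grouping, the age test binds only to the last -iname. The file names are constructed for the demo, and touch -d assumes GNU coreutils.

```shell
# Constructed demo: why the -o alternatives need \( \) before -mtime.

# Build a scratch directory with two fresh and two backdated files.
find_demo_setup() {
    demo_dir=$(mktemp -d)
    : > "$demo_dir/new.c"
    : > "$demo_dir/old.c"
    : > "$demo_dir/new.html"
    : > "$demo_dir/old.html"
    # Push two files outside the 7-day window (GNU touch syntax).
    touch -d '10 days ago' "$demo_dir/old.c" "$demo_dir/old.html"
    printf '%s\n' "$demo_dir"
}

# Ungrouped: parsed as  -iname '*.[ch]'  OR  ( -iname '*.html' AND -mtime -7 )
# so every .c/.h file is listed regardless of its age.
find_ungrouped() {
    ( cd "$1" && find . -iname '*.[ch]' -o -iname '*.html' -mtime -7 | LC_ALL=C sort )
}

# Grouped: ( -iname '*.[ch]' OR -iname '*.html' ) AND -mtime -7
# so the age test applies to both patterns.
find_grouped() {
    ( cd "$1" && find . \( -iname '*.[ch]' -o -iname '*.html' \) -mtime -7 | LC_ALL=C sort )
}

d=$(find_demo_setup)
echo "ungrouped:"; find_ungrouped "$d"
echo "grouped:";   find_grouped "$d"
rm -rf -- "$d"
```

The ungrouped run lists old.c even though it is older than 7 days; the grouped run does not.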
Find and execute commands on the output of the file
# Here we execute the ls -la as a command on the output of the first command
find . -iname '*.' -exec ls -la {} \;
# Here we print the length of each file in lines.
find . -iname '*.png' -exec wc -l {} \;
# We can also pass a script file to be executed on the output. -name is case sensitive; -iname is not case sensitive
find . -name '*.php' -exec ./Script {} \;
# Script example below
cat Script
# This prints the file name followed by a space, without a trailing newline
echo -n "$1 "
egrep 'printf\(' "$1" | wc -l
Uname
prints the name, version and other details about the current machine and the operating system running on it.
# -m, (--machine) - Prints the name of the machine's hardware name.
# -p, (--processor) - Prints the architecture of the processor.
# -i, (--hardware-platform) - Prints the hardware platform.
# -o, (--operating-system) - Print the name of the operating system. On Linux systems that is "GNU/Linux"
# -a, (--all) - When the -a option is used, uname behaves the same as if the -snrvmo options have been given.
uname -a
id
If the username is omitted, the id command displays information about the currently logged-in user.
# id prints the real user ID (uid), the user's real primary group ID (gid), and real IDs of the supplemental groups (groups) the user belongs to.
id
Remove a program from Linux
sudo apt remove AppNAME
sudo apt purge AppName
sudo apt autoremove
# Make sure to remove all its files if you know where it lives.
whereis AppName
rm -rf ...# all the previous location
Download a file Wget
wget theURLofTheFile
Update Linux apt-get repository
# This will add the PPA to your apt sources list
sudo add-apt-repository ppa:ubuntu-elisp/ppa
# You need to apt update after that
sudo apt-get update
# Then install your newer version of your package
sudo apt-get install emacs-snapshot
locate a program and its files
#Searching with locate
locate ProgramName
Snort: world's best network intrusion detection system (NIDS)
Snort is a free open source network intrusion detection system and intrusion prevention system created in 1998 by Martin Roesch, founder and former CTO of Sourcefire. Snort is now developed by Cisco, which purchased Sourcefire in 2013. It is commonly used to detect intrusions by hackers.
Display line number on files
nl /etc/snort/snort.conf
Changing your ip address
ifconfig eth0 192.168.181.115
# you can also change the netmask and the broadcast address
ifconfig eth0 192.168.181.115 netmask 255.255.0.0 broadcast 192.168.1.255
Changing your MAC address
ifconfig eth0 down
ifconfig eth0 hw ether 00:11:22:33:44:55
ifconfig eth0 up
Print all the files names in a directory
# This will print the name of the files
for i in *; do echo "$i";done
# you can adapt the command above to do more stuff.
for i in *; do echo "ls -la $i";done
# if you want to execute a command on each line of a file do the following
while IFS= read -r i; do echo "this line: $i "; done < SomeFile
# This will iterate through the lines and download them using git clone
while IFS= read -r i; do git clone "$i"; done < SomeFile
Change all files extensions to another one
# This code will change all the {*.mp4.jpeg} into {*.jpeg}
for file in *.mp4.jpeg; do mv "$file" "${file%.mp4.jpeg}.jpeg"; done
# this another example
for file in *.txt; do mv "$file" "${file%.txt}.py"; done
file | Load the crontab data from the specified file. If file is a dash ("-"), the crontab data is read from standard input. |
-u user | Specifies the user whose crontab is to be viewed or modified. If this option is not given, crontab opens the crontab of the user who ran crontab. Note: using su to switch users can confuse crontab, so if you are running it inside of su, always use the -u option to avoid ambiguity. |
-l | Display the current crontab. |
-r | Remove the current crontab. |
-e | Edit the current crontab, using the editor specified in the environment variable VISUAL or EDITOR. |
-i | Same as -r, but gives the user a yes/no confirmation prompt before removing the crontab. |
-s |
Installing Nginx & php on Ubuntu 22.04
sudo apt install nginx
# make sure it is enabled and started
sudo systemctl enable nginx
sudo systemctl start nginx
# this should result in active service.
sudo systemctl status nginx
sudo apt install php8.1-fpm -y
# Make sure that php is running
sudo systemctl status php8.1-fpm
# ------- [[ if you see this error ]] -------
#E: Unable to locate package php8.1-fpm
#E: Couldn't find any package by glob 'php8.1-fpm'
#E: Couldn't find any package by regex 'php8.1-fpm'
# do the following
sudo apt update && sudo apt install -y software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt update
# and try after that
sudo apt install php8.1-fpm -y
# --------------------------------------------
# go to this folder
cd /etc/nginx/sites-available
sudo nano default
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
# un-comment these lines of codes in this function
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# ======= [[ MAKE SURE TO CHANGE THE VERSION TO MATCH YOURS 8.1 ]] ====
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# un-comment this function
location ~ /\.ht {
deny all;
}
# to validate the nginx configuration
sudo nginx -t
# Make a file in /var/www/html called index.php (remove it after testing, since phpinfo() exposes the server configuration)
<?php phpinfo();?>
# To check that php8.1-fpm is working do
sudo systemctl status php8.1-fpm
checksec tinyshell
LDD command in Linux
Checks which shared object dependencies an executable binary file needs.
There are two types of libraries:
- Static libraries
- Dynamic or Shared Libraries
#To show the shared library dependencies of the bash binary,
sudo ldd /bin/bash
The above command shows the dependencies as:
Openconnect
VPN client for Linux like anyconnect by cisco
# Install
sudo apt install openconnect -y
# Connect to the vpn
sudo openconnect -u username -b vpn.server.com
# Check if it changed your ip address using
ip a
# Disconnect
sudo kill -9 $(pgrep openconnect | awk '{print $1}')
Really powerful word search
# search for the word "minimatch" inside the codeql folder and print the matching lines; the second form adds /dev/null so grep also prints the file each match is in
find codeql -type f -exec grep minimatch {} \;
find codeql -type f -exec grep minimatch {} /dev/null \;
local machine: