- 📌 Use
TABfor autocompletion
sudo - run commands and tasks as a superuser or another user, with elevated privileges.
sudo <COMMAND>
# Switch to "root" user
sudo su -pwd - print the current working directory absolute path
pwdcd - change current working directory
# Change dir to user's home dir
cd
# Change dir to parent dir (one level up)
cd ..
# Change dir
cd /home/user
cd /etcls - list current directory contents
ls
# Detailed list
ls -lamkdir - make a new directory
mkdir tcmrmdir - remove a directory
rmdir tcmman - manual of a command
man <COMMAND>
<COMMAND> --help
man ls
man sudo
sudo --helpecho - display a line of text as output
echo "See ya"cat - concatenate files to standard output
cat text.txt> - redirect the output of a command to a file
echo "See ya" > text.txt>> - append the output of a command to a file
echo "Tomorrow" >> text.txtrm - delete files/dirs
rm text.txt
# Force and recursive remove a folder - PAY ATTENTION!
rm -rf tcmmv - move/renames files/dirs
mv text.txt tcm/text_renamed.txtcp - copy files and directories
cp text.txt tcm/text.txtlocate - find files by name in a prebuilt database
locate text.txtupdatedb - update the locate database
sudo updatedbhistory - show user's history input list
historypasswd - change user's password
passwd
passwd <USER>touch - create a new empty file or change existing file timestamp
touch test.txtnano - text editor (other are vi, vim)
nano test2.txtmousepad - GUI text editor
mousepad test3.txt
r- readw- writex- execute
d rwx r-x r-x 2 syselement syselement 4096 Jun 13 15:01 Desktop
-
Permissions
-
1st character -
d/-/l= directory / file / symbolic link -
2nd block - owner permissions
-
3rd block - group permissions
-
4th block - world permissions
-(hyphen) = no permission
-
-
File hard links -
# -
user -
group -
file size(bytes) -
date -
file name
la -la /tmp
drwxrwxrwt 16 root root 4096 Jun 13 15:39 .chmod - change the mode/permissions of files/dirs
# Give "execute" permissions
chmod +x test.sh
chmod 777 test.sh| Octal | Decimal | Permission | Representation |
|---|---|---|---|
| 000 | 0 (0+0+0) | No Permission | --- |
| 001 | 1 (0+0+1) | Execute | --x |
| 010 | 2 (0+2+0) | Write | -w- |
| 011 | 3 (0+2+1) | Write + Execute | -wx |
| 100 | 4 (4+0+0) | Read | r-- |
| 101 | 5 (4+0+1) | Read + Execute | r-x |
| 110 | 6 (4+2+0) | Read + Write | rw- |
| 111 | 7 (4+2+1) | Read + Write + Execute | rwx |
adduser - create a new user
sudo adduser <USER>su - switch to another user
su <USER>/etc/passwd - user's list, shell types, etc
cat /etc/passwd/etc/shadow - user's passwords hashes
sudo cat /etc/shadow/etc/sudoers - sudo configuration directives
man sudoers
sudo cat /etc/sudoers
# Check "sudo" group
grep 'sudo' /etc/groupsudo -l - list user's privileges or check a specific command
sudo -l
sudo -ll
ip / ifconfig- show/manipulate routing, network devices, interfaces and tunnels
ip a
ip -br -c a
ifconfigiwconfig - show wireless network interface configuration and status
iwconfig
ip n - display the neighbor/ARP table
ip narp -a - display ARP cache, IP-to-MAC address mapping
arp -aip r - display the IP routing table (destination networks, gateway IP, net interfaces)
ip rroute - display/manipulate the IP routing table
route
ping - send ICMP ECHO_REQUEST to network hosts, checking network connectivity
ping 8.8.8.8
# Stop with CTRL+Cnetstat / ss - print network connections (e.g. for open ports)
netstat -tulpn
ss -tnlservice - manipulate services
# Start Apache Web server service
sudo service apache2 start
# Stop Apache Web server service
sudo service apache2 stop
python
# Start a simple HTTP server using Python, in current directory
python3 -m http.server 80
systemctl
# Enable a service at system boot
sudo systemctl enable ssh
sudo systemctl enable ssh --now
# Disable a service at system boot
sudo systemctl disable ssh➡️ Tools
apt update - update the packages list and upgrade installed packages using the APT package manager
# Update O.S.
sudo apt update && sudo apt upgrade -yapt install - install packages
sudo apt install cron-daemon-common
# Install some useful tools
sudo apt install -y apt-transport-https btop curl duf eza flameshot htop kali-wallpapers-all neofetch net-tools pipx speedtest-cli telegram-desktop terminator tor tree vlc wgetgit - work with Git repository and version control
# Clone a Github repository in the "/opt" dir
cd /opt
sudo rm -rf pimpmykali/
sudo git clone https://github.com/Dewalt-arch/pimpmykali
sudo /opt/pimpmykali/pimpmykali.sh
# For a new kali vm, run menu option N
# hit N for NO root login
reboot
# Sublime
sudo sh -c '
wget -qO- https://download.sublimetext.com/sublimehq-pub.gpg | gpg --dearmor -o /usr/share/keyrings/sublimehq-archive.gpg &&
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/usr/share/keyrings/sublimehq-archive.gpg] https://download.sublimetext.com/ apt/stable/" | tee /etc/apt/sources.list.d/sublime-text.list &&
apt update &&
apt install -y sublime-text
'
# Brave
sudo sh -c '
apt install -y curl
curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" | tee /etc/apt/sources.list.d/brave-browser-release.list
wget http://archive.ubuntu.com/ubuntu/pool/main/libu/libu2f-host/libu2f-udev_1.1.10-3.2_all.deb
dpkg -i libu2f-udev_1.1.10-3.2_all.deb
apt update && apt install -y brave-browser
rm -rf libu2f-udev_1.1.10-3.2_all.deb
'
# VSCodium
wget https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg && sudo mv pub.gpg /usr/share/keyrings/vscodium-archive-keyring.asc
sudo sh -c 'echo "deb [ signed-by=/usr/share/keyrings/vscodium-archive-keyring.asc ] https://paulcarroty.gitlab.io/vscodium-deb-rpm-repo/debs vscodium main" > /etc/apt/sources.list.d/vscodium.list'
sudo apt update && sudo apt install -y codium
# AutoRecon + Scanning Tools
sudo apt update
sudo apt install -y python3 python3-pip seclists curl dnsrecon enum4linux feroxbuster gobuster impacket-scripts nbtscan nikto nmap onesixtyone oscanner redis-tools smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf
sudo apt install -y python3-venv
python3 -m pip install --user pipx
python3 -m pipx ensurepath
source ~/.zshrc
pipx install git+https://github.com/Tib3rius/AutoRecon.git➡️ Ping Sweep Script
- Make a
bashscript that gathers data from apingcommand during a ping sweep network scanning.
grep - print lines that match patterns
ping 192.168.31.135 -c 1 > ip.txt
cat ip.txt | grep "64 bytes"
# Prints only the line matching the grep stringcat ip.txt | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" 
Script: Sweep every IP address in a specific subnet network and export only the IPs that respond back.
nano ipsweep.sh#!/bin/bash
if [ "$1" == "" ]
then
echo "ERROR: Insert an IP address!"
echo "Syntax is: ./ipsweep.sh 192.168.1"
else
# For every IP in the subnet Ping and print the IP
# & = multiple loop instances at once
for ip in `seq 1 254`; do
ping -c 1 $1.$ip | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &
done
fichmod +x ipsweep.sh
./ipsweep.sh 192.168.31
./ipsweep.sh 192.168.31 > ips.txtOne liner nmap scan of ips.txt
for ip in $(cat ips.txt); do nmap $ip; done