Bash - d4Rk's 1337 h4x0r guide

Related
​Process monitoring​
find
1
find / -maxdepth 5 -name *.php -type f -exec grep -Hn password {} \; 2>/dev/null
Copied!
Writable files
1
find / -writable
Copied!
sudo
List commands, current user can run as root
1
sudo -l
Copied!
-> GTFOBins
Run the command as a user other than the default target user (usually root).
1
sudo -u <user> <command>
Copied!
-> Useful in scenarios like this:
1
User <user1> may run the following commands on bashed:
2
    (<user2> : <user2>) NOPASSWD: ALL
Copied!
Asks the system to start a new login session for the specified user. The system will require the password for the user "username" (even if its the same as the current user).
1
su - <user>
Copied!
file
Get information about file
1
file <file>
Copied!
wc
Count chars
1
wc -c
Copied!
Count lines
1
wc -l
Copied!
rlwrap
A 'readline wrapper', a small utility that uses the GNU readline library to allow the editing of keyboard input for any command.
1
rlwrap <cmd>
Copied!
Permissions
Define permissions new files get on creation, opposite (mask) to chmod permissions
1
umask
Copied!
authbind
bind sockets to privileged ports (<1024) without being root
1
authbind <command>
Copied!
base64
​Base64 Encode or Decode on the command line without installing extra tools on Linux, Windows or macOS | Igor Kromin​
Linux
File
Encode base64 -w 0 <file> > <base64file>
Decode base64 -d <base64file> > <file>
String
Encode echo -n <string> | base64
Decode echo <base64string> | base64 -d
Windows
File
Encode certutil -encode <file> tmp.b64 && findstr /v /c:- tmp.b64 > <base64file>
Decode certutil -decode <base64file> <file>
grep
Print x-lines Before match
Print x-lines After match
Ignore-case
1
grep -i -A5 -B5 <string> <filename>
Copied!
1
<cmd> | grep -A5 -B5 "text"
Copied!
Recursive
1
grep -R "text" .
Copied!
1
grep -oP '\d{1,5}/open' nmap_results.gnmap |  > ports
Copied!
watch
Run command every second
1
watch -n 1 '<command>'
Copied!
sed
Trim whitespaces
1
sed 's/ //g'
Copied!
Remove newlines
1
sed -z 's/\n//g' <file>
Copied!
cut
Split string by delimiter, extract field 2
1
echo "some,strings" | cut -d "," -f 2 // outputs "strings"
Copied!
Split file by colon
1
cut -d ":" -f 1 /etc/passwd
Copied!
cron
List user's crontab
1
crontab -l
Copied!
sort unique
1
sort -u
Copied!
File size
1
du -hs <file>
Copied!
ascii table
1
man ascii
Copied!
ltrace / strace
Trace library calls of a given program.
1
ltrace ./<programm>
Copied!
Alternative
1
strace ./<programm>
Copied!
gcc
Use -m32 or -m64 to make the architecture explicit
1
gcc <file>.c -o <file>
Copied!
Compile for old 32bit kernel (2.6.9)
1
gcc -o 1397 1397.c -m32 -Wl,--hash-style=both
Copied!
Specific files
.tar.gz
1
-c		create
2
-x		extract
3
-f		file (must be last flag)
4
-v		verbose
5
-z		gzip
Copied!
Create archive
1
tar -zcvf
Copied!
Extract archive
1
tar -zxvf
Copied!
.7z
Extract
1
7z x <archive.7z>
Copied!
1
7z l <file>
Copied!
.vhd
1
guestmount --add <vhd-file> --inspector --ro -v /mnt/vhd
Copied!
.scf
​https://1337red.wordpress.com/using-a-scf-file-to-gather-hashes/
Place scf file in windows share to gather hashes
Images with hidden content
binwalk
Tool for searching binary images for embedded files and executable code
1
binwalk -Me <image-file>
Copied!