Bash

Related
​Process monitoring​
find
find / -maxdepth 5 -name *.php -type f -exec grep -Hn password {} \; 2>/dev/null
Writable files
find / -writable
sudo
List commands, current user can run as root
sudo -l
-> GTFOBins
Run the command as a user other than the default target user (usually root).
sudo -u <user> <command>
-> Useful in scenarios like this:
User <user1> may run the following commands on bashed:
    (<user2> : <user2>) NOPASSWD: ALL
Asks the system to start a new login session for the specified user. The system will require the password for the user "username" (even if its the same as the current user).
su - <user>
file
Get information about file
file <file>
wc
Count chars
wc -c
Count lines
wc -l
rlwrap
A 'readline wrapper', a small utility that uses the GNU readline library to allow the editing of keyboard input for any command.
rlwrap <cmd>
Permissions
Define permissions new files get on creation, opposite (mask) to chmod permissions
umask
authbind
bind sockets to privileged ports (<1024) without being root
authbind <command>
base64
​Base64 Encode or Decode on the command line without installing extra tools on Linux, Windows or macOS | Igor Kromin​
Linux
File
Encode base64 -w 0 <file> > <base64file>
Decode base64 -d <base64file> > <file>
String
Encode echo -n <string> | base64
Decode echo <base64string> | base64 -d
Windows
File
Encode certutil -encode <file> tmp.b64 && findstr /v /c:- tmp.b64 > <base64file>
Decode certutil -decode <base64file> <file>
grep
Print x-lines Before match
Print x-lines After match
Ignore-case
grep -i -A5 -B5 <string> <filename>
<cmd> | grep -A5 -B5 "text"
Recursive
grep -R "text" .
grep -oP '\d{1,5}/open' nmap_results.gnmap |  > ports
watch
Run command every second
watch -n 1 '<command>'
sed
Trim whitespaces
sed 's/ //g'
Remove newlines
sed -z 's/\n//g' <file>
cut
Split string by delimiter, extract field 2
echo "some,strings" | cut -d "," -f 2 // outputs "strings"
Split file by colon
cut -d ":" -f 1 /etc/passwd
cron
List user's crontab
crontab -l
sort unique
sort -u
File size
du -hs <file>
ascii table
man ascii
ltrace / strace
Trace library calls of a given program.
ltrace ./<programm>
Alternative
strace ./<programm>
gcc
Use -m32 or -m64 to make the architecture explicit
gcc <file>.c -o <file>
Compile for old 32bit kernel (2.6.9)
gcc -o 1397 1397.c -m32 -Wl,--hash-style=both
Specific files
.tar.gz
-c		create
-x		extract
-f		file (must be last flag)
-v		verbose
-z		gzip
Create archive
tar -zcvf
Extract archive
tar -zxvf
.7z
Extract
7z x <archive.7z>
7z l <file>
.vhd
guestmount --add <vhd-file> --inspector --ro -v /mnt/vhd
.scf
​https://1337red.wordpress.com/using-a-scf-file-to-gather-hashes/
Place scf file in windows share to gather hashes
Images with hidden content
binwalk
Tool for searching binary images for embedded files and executable code
binwalk -Me <image-file>

Last modified 1yr ago