Category Archives: Commands

linux – file commands

 diff <file1> <file2> compare files
 rm -rf <dir> force delete of <dir>
 touch -r <ref_file> <file> matches timestamp <file> to <ref_file>
 touch -t <YYYYMMDDHHSS> <file> set <file> timestamp
 sudo fdisk -i list connected drives
 file <file> determine file type info
 mount /dev/sda# /mnt/usbdrive mount usb drive
 echo -n “<string>” | md5sum generate md5 hash for <string>
 md5sum -t <file> generate md5 hash for <file>
 echo -n “<string>” | sha1sum generate sha1 hash for <string>
 sha1sum <file> generate sha1 hash for <file>
 sort -u <file> sort unique lines in <file>
 grep -c “<string>” <file> count lines with <string> in <file>
 shred -f -u <file>overwrite / delete files
 dos2unix <file> convert <file> to unix format
 find -iname “*<string>*” find files with <string> in the filename
 find / -perm -4000 -o -perm -2000 find suid and gid files
 split -b <size> <file> split <file> in <size> blocks
 awk ‘sub(“$”, “\r”)’ <file_input> > <file_output> convert <file_input> to windows format
 dd skip=1000 count=2000 bs=8 if=<file> of=<file> cut block 1K-3K from <file>
 chattr <+/->i <file> set / unset immutable bit
tail -f * find modified files in current dir

linux – system info commands

getent passwdshow list of users
idcurrent username
wlogged on users
who -aextra user information
last -alast users logged on/in
cat /etc/issueshow information about os
cat /etc/*release*show more os information
cat /proc/versionshow kernel info
uname -ashow kernel info + cpu info
pkginfoshow installed packages on Solaris
dpkg –get-selectionsshow installed packages on Ubuntu
dpkg -I *.debinstall Debian package
rpm –query -allshow installed packages on Redhat
rpm -ivh *.rpminstall rpm package
ps -efshows all the processes
kill <pid>kill the process with id <pid>
$PATHshows the path
PATH=$PATH:<path>add <path> to path
which <program>show the location for <program> (ex: bash)
df -hdisk usage
mountlist mounted file systems

linux – simple network commands

ifconfigdisplay information about all network interfaces currently in operation
ss | lesslist out all connections
watch ss -tplist all tcp connections
netstat -antshow all tcp connections
netstat -anushow all udp connections
netstat -tulpnshow all all connections with PIDs
lsof -idisplay all established connection
smb://<ip>/<sharename>access Windows smb share
mount -t smbfs //<ip>/ADMIN$ /<folder>mount Windows Admin share
smbclient -U <user> \\\\<ip>\\<share>mount Windows share
ifconfig eth# <ip>/<cidr>set ip and subnetmask
ifconfig eth#:<int> <ip>/<cidr>set virtual network interface
iwlist <int> scanwifi scanner
dig -x <ip>domain lookup for ip
host <ip>domain lookup for ip
host -t SRV _<service>_tcp.url.comdomain SRV lookup
route add default gw <gw ip>set gateway
export MAC=xx:xx:xx:xx:xx:xxchange MAC
ifconfig <int> hw ether <MAC> change MAC
macchanger -m <MAC> <int>change MAC on Kali or Backtrack
ifconfig eth# mtu [size]change MTU size
dig @<ip> domain -t AXFRDNS zone transfer
host -l <domain> <nameserver>DNS zone transfer
ip xfrm state listprint existing VPN keys
/var/log/messages | grep DHCPlist DHCP assignments
echo “1” > /proc/sys/net/ipv4/ip_forwardturn on ip forwarding
tcpkill host <ip> and port <port>block ip with port
echo “nameserver x.x.x.x” > /etc/resolv.confadd DNS server
ip addr add <ip>/<cidr> dev eth#adds ‘hidden’ interface
nmblookup -A <ip>get hostname for <ip>