User Management

  • To add a user:
adduser NameOfUser
  • On some machines, it may be:
useradd NameOfUser
  • To add user to sudo-group:
adduser NameOfUser sudo
  • Non-interactive adding to sudo group:
echo "username ALL=(ALL) ALL" >> /etc/sudoers
  • Check which users are in the sudo group:
cat /etc/group | grep sudo
  • Switch user in terminal:
su NameOfUser
  • Remove/delete user:
sudo userdel NameOfUser

General Operations

  • Show command history (for current user):
  • Execute a command as root (superuser do):
sudo whoami
  • The PATH variable:
# You can define it in /etc/environment.
# If it doesn't exist, create it:
source /etc/environment && export PATH
  • The non-persistent way of editing your PATH:
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

File Operations

  • List files in directory:
  • Sort list by last modified (-time -reverse):
ls -ltr
  • Show info about a file (its type):
  • Output content of file:
cat file.txt
  • Output file a little bit at a time:
# Use /searchterm to search. 
# Scroll with n to next search result.
# Press q to quit.
  • Output file but just little bit at a time. May potentially be used for privilege escalation.
  • Create a new file:
touch filename.txt
  • Copy a file:
cp filename.txt filename2.txt
  • Make a directory:
mkdir foobar
  • Make entire directory structure:
mkdir -p my/new/sub/directory
  • Remove file:
rm file.txt
  • Remove recursively. Very dangerous command!
rm -rf directory/
  • Remove empty directory:
  • Finding files - this will send all permissions denied outputs to dev/null:
find / -name file 2>/dev/null
# Find is slower than locate but a lot more thorough.
# You can search for files recursively and with regex, etc.
  • Locate is really fast because it relies on an internal database (index). In order to have it updated you need to run:
sudo updatedb
  • After that, searching is easy:
locate filename.txt
  • Which outputs the path of the binary that you are looking for:
which bash
# It searches through the directories that are defined in your $PATH variable.
# Usually outputs: /bin/bash
  • Finding in files:
grep -i -r -m1 --col "passw" /*
# grep with case INSENSITVE, RECURSIVE (can be caps), ONE match per file, --colored output.

Text Operations

  • Standard output redirection:
ls > result_of_ls.txt
# The result will be written to the file result_of_ls.txt
ls >> result_of_ls.txt
  • Another incredibly useful feature is the pipe, represented with the symbol |. It will take the stdout and redirect it into another program. Here is an example:
ls -la | less
# This will take the stdout from ls -la and forward/redirect it into the less program.
# Using the pipe you can now chain different commands.
  • Filtering data - there are many options:
sort test.txt
sort -u test.txt
sort test.txt | uniq
cat filename | sort -u > newFileName
  • sed can perform basic editing on streams (text, basically), e.g.:
sed "1d"
#Removes the first line of file/stream.
  • Another example - let's say that we have the following text, and we want to cut out the ip-address.
cut -d" " -f4
# The example text:
# 64 bytes from icmp_req=1 ttl=255 time=4.86 ms
# (-d stands for delimiter. and -f for field).
  • Transform all letter into capital letters:
tr "[:lower:]" "[:upper:]" < file1 > file2
  • Remove characters:
cat file.txt | tr -d "."
  • Remove all dots and replace them with underscore:
cat file.txt | tr "." "_"
  • Basic structure of an awk command:
awk '/search_pattern/ { action_to_take_on_matches; another_action; }' file_to_parse
  • Simple awk example:
awk '{print}' filename
# The search pattern takes regex.
# You can exclude the search portion or the action portion.
# This just prints every line of the file.
  • Filtering out specific ip-address:
awk '/' error.log
  • Now we want to print out the fourth column of that file. To do that, we can just pipe this to cut, but we can also use awk for it, like this:
awk '/ {print $4}' error.log
  • Another awk example:
awk '{print $2,$5;}' error.txt
# This awk prints columns 2 and 5.
  • We can use the awk -F flag to add a custom delimiter:
awk -F ':' '{print $1}' test.txt
  • If you are manipulating some text you might want to start the output with some info about the columns or something like that. To do that, we can use the BEGIN-keyword:
awk 'BEGIN {printf "IP-address \tPort\n"} /nop/ {print $3}' test.txt | head
awk 'BEGIN{printf "IP-address \tPort\n"} /nop/ {print $3} END {printf "End of the file\n"}' test.txt | tail
# Here we are printing IP address, Port to the first line of the file.