Basics

Things here are mostly from the OSCP Survival Guide, which has now been taken offline.

  • Store the target IP address in the $rh shell variable (used by later commands as $rh):
export rh=192.168.1.100
  • Find the location of a file:
locate sbd.exe
  • Find which executable in the $PATH directories a command name resolves to:
which bash
  • Search the filesystem for a file whose name starts with a specific string:
find / -name sbd\*
  • Show active internet connections (servers and established):
netstat -antpl
  • Change Password (currently logged in user):
passwd
  • Verify a service is running and listening:
netstat -antp |grep apache
  • Start a service:
systemctl start ssh
systemctl start apache2
  • Have a service start at boot:
systemctl enable ssh
  • Stop a service:
systemctl stop ssh
  • Unzip a gz file:
gunzip access.log.gz
  • Unzip a tar.gz file ("untar"):
tar -xzvf file.tar.gz
  • Search command history for a specific command:
history | grep command_to_search_for
  • Download a webpage (or a file):
wget http://www.cisco.com
  • Fetch a webpage and print it to the terminal:
curl http://www.cisco.com
  • Check disk usage graphically (gnome) (sort of like free disk space, i.e. df -h):
baobab

String Manipulation

  • Count number of lines in file:
wc -l index.html
  • Get the start or end of a file (10 lines):
head -10 index.html
tail -10 index.html
  • Extract all the lines that contain a string:
grep "href=" index.html
  • Cut a string by a delimiter, filter results then sort:
grep "href=" index.html | cut -d "/" -f 3 | grep "\\." | cut -d '"' -f 1 | sort -u
  • Use grep with a regular expression to pull out URLs and write the hostnames to a file:
grep -o 'http://[^"]*' index.html | cut -d "/" -f 3 | sort -u > list.txt
  • Use a simple bash for loop to resolve the IP address behind each host in the list:
for url in $(cat list.txt); do host $url; done
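The three pipeline entries above (extract hrefs, cut out the hostname, sort unique, then loop over the result) as one runnable script. This is an added example, not from the OSCP Survival Guide or the original page: it builds a small HTML file (sample.html, with made-up example.com hostnames) in place of a downloaded index.html so it runs offline, wraps the pipeline in functions, and only calls host when you explicitly invoke lookup_hosts.

```shell
#!/bin/sh
# Added example: the href-extraction pipeline from the cheat sheet, run over a
# constructed HTML file instead of a real wget download. Hostnames are made up.

# Constructed sample input standing in for "wget http://www.cisco.com" output.
make_sample_html() {
    cat > "$1" <<'EOF'
<html><body>
<a href="http://www.example.com/index.html">home</a>
<a href="http://cdn.example.com/app.js">js</a>
<a href="http://www.example.com/about.html">about</a>
<a href="https://secure.example.org/login">login (https, not matched below)</a>
<a href="/relative/path">relative link (no scheme, not matched)</a>
</body></html>
EOF
}

# Same pipeline as the cheat sheet: keep http:// URLs, take the host part
# (field 3 when splitting on "/"), drop anything without a dot, dedupe and sort.
extract_hosts() {
    grep -o 'http://[^"]*' "$1" | cut -d "/" -f 3 | grep "\." | sort -u
}

# Number of unique hosts found, as a value a caller can check.
count_hosts() {
    extract_hosts "$1" | wc -l | tr -d ' '
}

# The lookup loop from the cheat sheet. Needs DNS, so it is not run by default;
# call "lookup_hosts sample.html" yourself when you are on a network.
lookup_hosts() {
    for url in $(extract_hosts "$1"); do host "$url"; done
}

make_sample_html sample.html
extract_hosts sample.html
```

Running the script prints cdn.example.com and www.example.com; the https link is skipped because the pattern only matches http://, and the relative link has no host field at all.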

Encoding, Decoding & Hashing

  • Decode Base64 encoded values:
echo -n "QWxhZGRpbjpvcGVuIHNlc2FtZQ==" | base64 --decode
  • Decode hexadecimal encoded values:
echo -n "46 4c 34 36 5f 33 3a 32 39 64 72 79 66 36 37 75 68 65 68 74" | xxd -r -ps