sudo - run commands and tasks as a superuser or another user, with elevated privileges.
sudo <COMMAND>
# Switch to "root" user
sudo su -
pwd - print the current working directory absolute path
pwd
cd - change current working directory
# Change dir to user's home dir
cd
# Change dir to parent dir (one level up)
cd ..
# Change dir
cd /home/user
cd /etc
ls - list current directory contents
ls
# Detailed list
ls -la
mkdir - make a new directory
mkdir tcm
rmdir - remove a directory
rmdir tcm
man - manual of a command
man <COMMAND>
<COMMAND> --help
man ls
man sudo
sudo --help
echo - display a line of text as output
echo "See ya"
cat - concatenate files to standard output
cat text.txt
> - redirect the output of a command to a file
echo "See ya" > text.txt
>> - append the output of a command to a file
echo "Tomorrow" >> text.txt
rm - delete files/dirs
rm text.txt
# Force and recursive remove a folder - PAY ATTENTION!
rm -rf tcm
mv - move/rename files/dirs
mv text.txt tcm/text_renamed.txt
cp - copy files and directories
cp text.txt tcm/text.txt
locate - find files by name in a prebuilt database
locate text.txt
updatedb - update the locate database
sudo updatedb
history - show user's history input list
history
passwd - change user's password
passwd
passwd <USER>
touch - create a new empty file or change existing file timestamp
touch test.txt
nano - text editor (others are vi, vim)
nano test2.txt
mousepad - GUI text editor
mousepad test3.txt
➡️ Users & Permissions
r - read
w - write
x - execute
d rwx r-x r-x 2 syselement syselement 4096 Jun 13 15:01 Desktop
Permissions
1st character - d / - / l = directory / file / symbolic link
2nd block - owner permissions
3rd block - group permissions
4th block - world permissions
- (hyphen) = no permission
File hard links - # (number of hard links)
user
group
file size (bytes)
date
file name
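# /tmp is world-writable; the trailing "t" is the sticky bit, so an entry can be deleted or renamed only by its owner, the directory's owner or root
ls -la /tmp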
drwxrwxrwt 16 root root 4096 Jun 13 15:39 .
chmod - change the mode/permissions of files/dirs
# Give "execute" permissions
chmod +x test.sh
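# 777 = read, write and execute for owner, group and everyone else; a world-writable script can be modified by any local user
chmod 777 test.sh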
Octal
Decimal
Permission
Representation
000
0 (0+0+0)
No Permission
---
001
1 (0+0+1)
Execute
--x
010
2 (0+2+0)
Write
-w-
011
3 (0+2+1)
Write + Execute
-wx
100
4 (4+0+0)
Read
r--
101
5 (4+0+1)
Read + Execute
r-x
110
6 (4+2+0)
Read + Write
rw-
111
7 (4+2+1)
Read + Write + Execute
rwx
adduser - create a new user
sudo adduser <USER>
su - switch to another user
su <USER>
/etc/passwd - list of users, their shell types, etc
cat /etc/passwd
/etc/shadow - users' password hashes (not readable by regular users, hence sudo)
sudo cat /etc/shadow
/etc/sudoers - sudo configuration directives
man sudoers
sudo cat /etc/sudoers
# Check "sudo" group
grep 'sudo' /etc/group
sudo -l - list user's privileges or check a specific command
sudo -l
sudo -ll
➡️ Network
ip / ifconfig - show/manipulate routing, network devices, interfaces and tunnels
ip a
ip -br -c a
ifconfig
iwconfig - show wireless network interface configuration and status
iwconfig
ip n - display the neighbor/ARP table
ip n
arp -a - display ARP cache, IP-to-MAC address mapping
arp -a
ip r - display the IP routing table (destination networks, gateway IP, net interfaces)
ip r
route - display/manipulate the IP routing table
route
ping - send ICMP ECHO_REQUEST to network hosts, checking network connectivity
ping 8.8.8.8
# Stop with CTRL+C
netstat / ss - print network connections (e.g. for open ports)
netstat -tulpn
ss -tnl
➡️ Services
service - manipulate services
# Start Apache Web server service
sudo service apache2 start
# Stop Apache Web server service
sudo service apache2 stop
python
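# Start a simple HTTP server using Python, in current directory
# It listens on all interfaces and serves every file under the current directory without authentication;
# add "--bind 127.0.0.1" to keep it local. Ports below 1024 (such as 80) normally require root.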
python3 -m http.server 80
systemctl
# Enable a service at system boot
sudo systemctl enable ssh
sudo systemctl enable ssh --now
# Disable a service at system boot
sudo systemctl disable ssh
➡️ Tools
apt - update the packages list (apt update) and upgrade installed packages (apt upgrade) using the APT package manager
git - work with Git repository and version control
# Clone a Github repository in the "/opt" dir
cd /opt
sudo rm -rf pimpmykali/
sudo git clone https://github.com/Dewalt-arch/pimpmykali
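# The script runs as root: read it, and check that the clone is the repository you intended, before executing it
sudo /opt/pimpmykali/pimpmykali.sh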
# For a new kali vm, run menu option N
# hit N for NO root login
reboot
Script: Sweep every IP address in a specific subnet network and export only the IPs that respond back.
nano ipsweep.sh
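#!/bin/bash
# ipsweep.sh - ping host addresses .1 to .254 of a /24 network and print the
# addresses that reply.
#
# Usage:     ./ipsweep.sh 192.168.1
# Arguments: $1 - first three octets of the network (dotted decimal)
# Outputs:   one responding IP address per line on stdout; errors on stderr
# Returns:   1 when the argument is missing or malformed

if [ "$1" == "" ]; then
  echo "ERROR: Insert an IP address!" >&2
  echo "Syntax is: ./ipsweep.sh 192.168.1" >&2
  exit 1
fi

# Accept only three dotted decimal octets, so the argument can never be read
# by ping as an option or as anything other than an address prefix.
if ! [[ "$1" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){2}$ ]]; then
  echo "ERROR: '$1' is not a valid network prefix" >&2
  echo "Syntax is: ./ipsweep.sh 192.168.1" >&2
  exit 1
fi

for ip in {1..254}; do
  # One echo request per host. grep keeps the reply line ("64 bytes from
  # a.b.c.d: ..."), cut takes the 4th space-separated field (the address) and
  # tr strips the trailing colon. The trailing & runs each probe in the
  # background so the probes run at the same time.
  ping -c 1 "$1.$ip" | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &
done

# Without this the script returns while probes are still running, so results
# arrive after the prompt and are lost when the output is redirected and read
# immediately.
wait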