Kali Linux
Linux Commands
🔗 explainshell.com
🔗 TCM Linux-101 - syselement
📌 Use TAB
for autocompletion
➡️ File System
sudo
- run commands and tasks as a superuser or another user, with elevated privileges.
Copy sudo < COMMAN D >
# Switch to "root" user
sudo su -
pwd
- print the current working directory absolute path
cd
- change current working directory
Copy # Change dir to user's home dir
cd
# Change dir to parent dir (one level up)
cd ..
# Change dir
cd /home/user
cd /etc
ls
- list current directory contents
Copy ls
# Detailed list
ls -la
mkdir
- make a new directory
rmdir
- remove a directory
man
- manual of a command
Copy man < COMMAN D >
< COMMAND > --help
man ls
man sudo
sudo --help
echo
- display a line of text as output
cat
- concatenate files to standard output
>
- redirect the output of a command to a file
Copy echo "See ya" > text.txt
>>
- append the output of a command to a file
Copy echo "Tomorrow" >> text.txt
rm
- delete files/dirs
Copy rm text.txt
# Force and recursive remove a folder - PAY ATTENTION!
rm -rf tcm
mv
- move/renames files/dirs
Copy mv text.txt tcm/text_renamed.txt
cp
- copy files and directories
Copy cp text.txt tcm/text.txt
locate
- find files by name in a prebuilt database
updatedb
- update the locate
database
history
- show user's history input list
passwd
- change user's password
touch
- create a new empty file or change existing file timestamp
nano
- text editor (other are vi
, vim
)
mousepad
- GUI text editor
➡️ Users & Permissions
d rwx r-x r-x 2 syselement syselement 4096 Jun 13 15:01 Desktop
Permissions
1st character - d
/ -
/ l
= directory / file / symbolic link
2nd block - owner permissions
3rd block - group permissions
4th block - world permissions
-
(hyphen) = no permission
Copy la -la /tmp
drwxrwxrwt 16 root root 4096 Jun 13 15:39 .
chmod
- change the mode/permissions of files/dirs
Copy # Give "execute" permissions
chmod +x test.sh
chmod 777 test.sh
🔗 chmod Calculator
adduser
- create a new user
su
- switch to another user
/etc/passwd
- user's list, shell types, etc
/etc/shadow
- user's passwords hashes
/etc/sudoers
- sudo
configuration directives
Copy man sudoers
sudo cat /etc/sudoers
# Check "sudo" group
grep 'sudo' /etc/group
sudo -l
- list user's privileges or check a specific command
➡️ Network
ip
/ ifconfig
- show/manipulate routing, network devices, interfaces and tunnels
Copy ip a
ip -br -c a
ifconfig
iwconfig
- show wireless network interface configuration and status
ip n
- display the neighbor/ARP table
arp -a
- display ARP cache, IP-to-MAC address mapping
ip r
- display the IP routing table (destination networks, gateway IP, net interfaces)
route
- display/manipulate the IP routing table
ping
- send ICMP ECHO_REQUEST
to network hosts, checking network connectivity
Copy ping 8.8.8.8
# Stop with CTRL+C
netstat
/ ss
- print network connections (e.g. for open ports)
Copy netstat -tulpn
ss -tnl
➡️ Services
service
- manipulate services
Copy # Start Apache Web server service
sudo service apache2 start
# Stop Apache Web server service
sudo service apache2 stop
python
Copy # Start a simple HTTP server using Python, in current directory
python3 -m http.server 80
systemctl
Copy # Enable a service at system boot
sudo systemctl enable ssh
sudo systemctl enable ssh --now
# Disable a service at system boot
sudo systemctl disable ssh
➡️ Tools
apt update
- update the packages list and upgrade installed packages using the APT package manager
Copy # Update O.S.
sudo apt update && sudo apt upgrade -y
apt install
- install packages
Copy sudo apt install cron-daemon-common
# Install some useful tools
sudo apt install -y apt-transport-https btop curl duf eza flameshot htop kali-wallpapers-all neofetch net-tools pipx speedtest-cli telegram-desktop terminator tor tree vlc wget
git
- work with Git repository and version control
🔗 pimpmykali
Copy # Clone a Github repository in the "/opt" dir
cd /opt
sudo rm -rf pimpmykali/
sudo git clone https://github.com/Dewalt-arch/pimpmykali
sudo /opt/pimpmykali/pimpmykali.sh
# For a new kali vm, run menu option N
# hit N for NO root login
reboot
Other Tools Install
Copy # Sublime
sudo sh -c '
wget -qO- https://download.sublimetext.com/sublimehq-pub.gpg | gpg --dearmor -o /usr/share/keyrings/sublimehq-archive.gpg &&
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/usr/share/keyrings/sublimehq-archive.gpg] https://download.sublimetext.com/ apt/stable/" | tee /etc/apt/sources.list.d/sublime-text.list &&
apt update &&
apt install -y sublime-text
'
# Brave
sudo sh -c '
apt install -y curl
curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" | tee /etc/apt/sources.list.d/brave-browser-release.list
wget http://archive.ubuntu.com/ubuntu/pool/main/libu/libu2f-host/libu2f-udev_1.1.10-3.2_all.deb
dpkg -i libu2f-udev_1.1.10-3.2_all.deb
apt update && apt install -y brave-browser
rm -rf libu2f-udev_1.1.10-3.2_all.deb
'
# VSCodium
wget https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg && sudo mv pub.gpg /usr/share/keyrings/vscodium-archive-keyring.asc
sudo sh -c 'echo "deb [ signed-by=/usr/share/keyrings/vscodium-archive-keyring.asc ] https://paulcarroty.gitlab.io/vscodium-deb-rpm-repo/debs vscodium main" > /etc/apt/sources.list.d/vscodium.list'
sudo apt update && sudo apt install -y codium
# AutoRecon + Scanning Tools
sudo apt update
sudo apt install -y python3 python3-pip seclists curl dnsrecon enum4linux feroxbuster gobuster impacket-scripts nbtscan nikto nmap onesixtyone oscanner redis-tools smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf
sudo apt install -y python3-venv
python3 -m pip install --user pipx
python3 -m pipx ensurepath
source ~/.zshrc
pipx install git+https://github.com/Tib3rius/AutoRecon.git
Bash Scripting & Piping
➡️ Ping Sweep Script
Make a bash
script that gathers data from a ping
command during a ping sweep network scanning.
grep
- print lines that match patterns
Copy ping 192.168.31.135 -c 1 > ip.txt
cat ip.txt | grep "64 bytes"
# Prints only the line matching the grep string
Copy cat ip.txt | grep "64 bytes" | cut -d " " -f 4 | tr -d ":"
Script: Sweep every IP address in a specific subnet network and export only the IPs that respond back.
🔗 Github - ipsweep repositories
Copy #!/bin/bash
if [ "$1" == "" ]
then
echo "ERROR: Insert an IP address!"
echo "Syntax is: ./ipsweep.sh 192.168.1"
else
# For every IP in the subnet Ping and print the IP
# & = multiple loop instances at once
for ip in ` seq 1 254 ` ; do
ping -c 1 $1 . $ip | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &
done
fi
Copy chmod +x ipsweep.sh
./ipsweep.sh 192.168.31
./ipsweep.sh 192.168.31 > ips.txt
One liner nmap
scan of ips.txt
Copy for ip in $( cat ips.txt ); do nmap $ip; done