1 of 22 03/11/14 13:48
Linux Commands for Penetration Testers https://highon.coffee/docs/linux-commands/

| COMMAND | DESCRIPTION |
| --- | --- |
| `netstat -tulpn` | Show Linux network ports with process IDs (PIDs). |
| `watch ss -stplu` | Watch TCP, UDP open ports in real time with socket summary. |
| `lsof -i` | Show established connections. |
| `macchanger -m MACADDR INTR` | Change MAC address on KALI Linux. |
| `ifconfig eth0 192.168.2.1/24` | Set IP address in Linux. |
| `ifconfig eth0:1 192.168.2.3/24` | Add IP address to existing network interface in Linux. |
| `ifconfig eth0 hw ether MACADDR` | Change MAC address in Linux using ifconfig. |
| `ifconfig eth0 mtu 1500` | Change MTU size in Linux using ifconfig, change 1500 to your desired MTU. |
| `dig -x 192.168.1.1` | Dig reverse lookup on an IP address. |
| `host 192.168.1.1` | Reverse lookup on an IP address, in case dig is not installed. |
| `dig @192.168.2.2 domain.com -t AXFR` | Perform a DNS zone transfer using dig. |
| `host -l domain.com nameserver` | Perform a DNS zone transfer using host. |
| `nbtstat -A x.x.x.x` | Get hostname for IP address. |
| `ip addr add 192.168.2.22/24 dev eth0` | Adds a hidden IP address to Linux, does not show up when performing an ifconfig. |
| `tcpkill -9 host google.com` | Blocks access to google.com from the host machine. |
| `echo "1" > /proc/sys/net/ipv4/ip_forward` | Enables IP forwarding, turns Linux box into a router - handy for routing traffic through a box. |
| `echo "nameserver 8.8.8.8" > /etc/resolv.conf` | Use Google DNS. |


| COMMAND | DESCRIPTION |
| --- | --- |
| `whoami` | Shows currently logged in user on Linux. |
| `id` | Shows currently logged in user and groups for the user. |
| `last` | Shows last logged in users. |
| `mount` | Show mounted drives. |
| `df -h` | Shows disk usage in human readable output. |
| `echo "user:passwd" \| chpasswd` | Reset password in one line. |
| `getent passwd` | List users on Linux. |
| `strings /usr/local/bin/blah` | Shows contents of non-text files, e.g. what's in a binary. |
| `uname -ar` | Shows running kernel version. |
| `PATH=$PATH:/my/new-path` | Add a new PATH, handy for local FS manipulation. |
| `history` | Show bash history, commands |


| COMMAND | DESCRIPTION |
| --- | --- |
| `cat /etc/redhat-release` | Shows Redhat / CentOS version number. |
| `rpm -q --changelog openvpn` | Check installed RPM is patched against CVE, grep the output for CVE. |

YUM Commands

| COMMAND | DESCRIPTION |
| --- | --- |
| `yum update` | Update all RPM packages with YUM, also shows what's out of date. |
| `yum update httpd` | Update individual packages, in this example HTTPD (Apache). |
| `yum install package` | Install a package using YUM. |
| `yum --exclude=package kernel* update` | Exclude a package from being updated with YUM. |
| `yum remove package` | Remove package with YUM. |
| `yum erase package` | Remove package with YUM. |
| `yum list package` | Lists info about yum package. |
| `yum provides httpd` | What a package does, e.g. Apache HTTPD Server. |
| `yum info httpd` | Shows package info, architecture, version etc. |
| `yum localinstall blah.rpm` | Use YUM to install local RPM, settles deps from repo. |
| `yum deplist package` | Shows deps for a package. |
| `yum list installed \| more` | List all installed packages. |
| `yum groupinstall 'Development Tools'` | Install YUM group. |


| COMMAND | DESCRIPTION |
| --- | --- |
| `cat /etc/debian_version` | Shows Debian version number. |
| `cat /etc/*-release` | Shows Ubuntu version number. |


| COMMAND | DESCRIPTION |
| --- | --- |
| `unzip archive.zip` | Extracts zip file on Linux. |
| `zipgrep *.txt archive.zip` | Search inside a .zip archive. |
| `tar xf archive.tar` | Extract tar file Linux. |
| `tar xvzf archive.tar.gz` | Extract a tar.gz file Linux. |
| `tar xjf archive.tar.bz2` | Extract a tar.bz2 file Linux. |
| `tar ztvf file.tar.gz \| grep blah` | Search inside a tar.gz file. |
| `gzip -d archive.gz` | Extract a gzip file Linux. |
| `zcat archive.gz` | Read a gz file Linux without decompressing. |
| `zless archive.gz` | Same function as the less command for .gz archives. |
| `zgrep 'blah' /var/log/maillog*.gz` | Search inside .gz archives on Linux, search inside of compressed log files. |
| `upx -9 -o output.exe input.exe` | UPX compress .exe file Linux. |


| COMMAND | DESCRIPTION |
| --- | --- |
| `zip -r file.zip /dir/*` | Creates a .zip file on Linux. |
| `tar cf archive.tar files` | Creates a tar file on Linux. |
| `tar czf archive.tar.gz files` | Creates a tar.gz file on Linux. |
| `tar cjf archive.tar.bz2 files` | Creates a tar.bz2 file on Linux. |
| `gzip file` | Creates a file.gz file on Linux. |


| COMMAND | DESCRIPTION |
| --- | --- |
| `df -h blah` | Display size of file / dir Linux. |
| `diff file1 file2` | Compare / Show differences between two files on Linux. |
| `md5sum file` | Generate MD5SUM Linux. |
| `md5sum -c blah.iso.md5` | Check file against MD5SUM on Linux, assuming both file and .md5 are in the same dir. |
| `dos2unix` | Convert Windows line endings to Unix / Linux. |
| `touch -r ref-file new-file` | Creates a new file using the timestamp data from the reference file, drop the -r to simply create a file. |
| `rm -rf` | Remove files and directories without prompting for confirmation. |

Samba Commands
echo os.system('/bin/bash')
/bin/sh -i
Misc Commands

| COMMAND | DESCRIPTION |
| --- | --- |
| `init 6` | Reboot Linux from the command line. |
| `gcc -o output input.c` | Compile C code. |
| `gcc -m32 -o output input.c` | Cross compile C code, compile 32 bit binary on 64 bit Linux. |
| `unset HISTFILE` | Disable bash history logging. |
| `rdesktop X.X.X.X` | Connect to RDP server from Linux. |
| `kill -9 $$` | Kill current session. |
| `chown user:group blah` | Change owner of file or dir. |
| `chown -R user:group blah` | Change owner of file or dir and all underlying files / dirs - recursive chown. |
| `chmod 600 file` | Change file / dir permissions, see [Linux File System Permissions](#linux-file-system-permissions) for details. |

VALUE MEANING
DIRECTORY DESCRIPTION

| DIRECTORY | DESCRIPTION |
| --- | --- |
| `/etc/passwd` | Contains local Linux users. |
| `/etc/shadow` | Contains local account password hashes. |
| `/etc/group` | Contains local account groups. |
| `/etc/init.d/` | Contains service init script - worth a look to see what's installed. |
| `/etc/hostname` | System hostname. |
| `/etc/network/interfaces` | Network interfaces. |
| `/etc/resolv.conf` | System DNS servers. |
| `/etc/profile` | System environment variables. |
| `~/.bash_history` | Users bash history log. |
| `/var/log/` | Linux system log files are typically stored here. |
| `/var/adm/` | UNIX system log files are typically stored here. |
| `/var/log/apache2/access.log`, `/var/log/httpd/access.log` | Apache access log file typical path. |
| `/etc/fstab` | File system mounts. |
