Linux Commands

Grep

<Command Options>
-o, --only-matching: Print only the matched (non-empty) parts of a matching line, with each such part on a separate output line.
-P, --perl-regexp: Interpret the pattern as a Perl-compatible regular expression (PCRE). 
-v, --invert-match: Invert the sense of matching, to select non-matching lines.
-r, --recursive: Read all files under each directory, recursively, following symbolic links only if they are  on  the  command  line.
-l, --files-with-matches: Suppress  normal  output;  instead  print  the  name  of  each input file from which output would normally have been printed.

<Examples of Usage>
#Selected lines are those not matching any of the specified patterns.
grep -v ‘keyword’ test.txt

#Print only the mached parts with regular expression
grep -oP '\d{1,5}/open' allports.gnmap | sort -u

# 特定のキーワードを含まない行を表示
grep -v ‘keyword’ test.txt

# 検索したい文字列を含むファイルを表示
grep <keyword> -rl <path>

Sort

<Command Options>
-u, --unique: output only the first of an equal run

<Examples of Usage>
#Print only the mached parts with regular expression and make each line unique
grep -oP '\d{1,5}/open' allports.gnmap | sort -u

Wget

# 指定したURLからのファイルダウンロード
wget -O <url>

# 指定したURLからの再起的のファイルダウンロード
wget -r <url> 

# 証明書の確認せずにコンテンツを取得
wget <url> --no-check-certificate

Sed

<Command Options>

<Examples of Usage>
#Selected lines are those not matching any of the specified patterns.

cat srcip_area.csv | sed 's/"//g' |sed 's/,/ /g' | awk '{print $3, $4$5}' | awk '{arr[$1]+=$2} END {for (i in arr) {print i,arr[i]}}' | sort -nrk 2

cat file.txt | sed -e "s/<instance to find>/<instance to replace it with>/g" > output.txt

Awk

* 「cat access_log | grep bullet.gif | awk -F'"' '{print $1 $4}’」
    * -F’”'よりデリミターを指定して、文字を取得
* 「ls -lt | awk '$5>1000 {print $0}'」
    * ファイルの容量が1000bytes以上の行のみを表示
* 「ls /Applications | awk 'length($0)>13{print}'」
    * 長さが13を超える行数のみを表示
* 「cat access_log | awk '$9 == "404"{print $1}' | sort | uniq | wc -l」
    * Awk のマッチング
* 「lsof -nPi | awk '/LISTEN/‘」
* 「ifconfig en1 | awk '/inet/{print substr($2,5,3)}'」
    * print substr（$2, 開始文字位置, 切り取り文字数）
* 「# ps -ef | awk '/sshd/ && !($3 == 1 || /sshd: hal[@ ]/) {print $2}'」
    * &&条件

Tr

* 「cat /etc/shells/ | tr a-z A-Z」
    * 小文字を大文字に変換
* 「cat /etc/shells/ | tr -d ‘d’」
    * dを削除
* 「ls -l | tr -s ' ' ‘,'」
    * 連続したスペースを,に変換
* 「ls -l | tr -s ' ' '\t' | cut -f 1,5,9-」

Tar

圧縮：tar cvzf tgzファイル名 圧縮対象ディレクトリ
解凍：ar xvzf tgzファイル名

Ps

charix@Poison:~ % ps -auwwx

-a: list the processes of all users on the system
-u: provide detailed information about each process
-x: list processes that have no controlling terminal, such as daemons
-ww: Wide output with unlimited width

Find

<Command Options>
-name pattern: True if the last component of the pathname being examined matches pattern.
-type t: True if the file is of the specified type.
             b block special
             c       character special
             d       directory
             f       regular file
             l       symbolic link
             p       FIFO
             s       socket
-iname pattern: Like -name, but the match is case insensitive.
-exec command: Execute command
 

<Examples of Usage>
find / -name .DS_Store > filelist.txt 2> errlist.txt
# 標準出力と標準エラー出力をそれぞれリダイレクトするfind [検索対象フォルダのパス] 

-type f -name "[検索したい文字列]"
# 指定フォルダを配下を再帰的検索

find / -name example.txt 2>/dev/null
# 標準エラー出力を捨てる

find . -name "*.php" -type f -exec chmod 755 {} \;

find / -perm -o+w -type d
# Show all world readable directories

find / -perm -o+e -type d
# Show all world executable directories

find / -perm -1000 -type d 2>/dev/null
# Sticky bit - Only the owner of the directory or the owner of a file can delete or rename here.

find / -perm -g=s -type f 2>/dev/null
# SGID (chmod 2000) - run as the group, not the user who started it.

find / -perm -u=s -type f 2>/dev/null
# SUID (chmod 4000) - run as the owner, not the user who started it.

Cut

Kill

kill -9 $PID

Sudo

<Command Options>
-l, --list: list user's privileges or check a specific command; use twice for longer format
-u, --user=user: run command (or edit file) as specified user name or ID

<Examples of Usage>
sudo -l

sudo -u scriptmanager bash
# execute command as specified user

Extracting archives

tar xvfj test.tar.bz2
tar zxvf test.tar.gz
tar zxvf test.tar
gzip -d test.gz
unzip test.zip
zcat rockyou.txt.gz > rockyou.txt

Compressing archives

tar -zcvf test.tar test
gzip test
zip -9 test.zip test
zip -r test.zip test/

Copy files remotely

scp /path/to/local/file.txt user@targetIP:/path/to/share # local to remote
scp -r user@targetIP:/path/to/share /local/share # remote to local
cat ~/.ssh/id_rsa.pub | ssh user@targetIP 'cat >> .ssh/authorized_keys'

Bash

for

for i in $(seq 0 12); do echo -n '|base64 -d';done
|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d

PreviousService Login and Interaction NextPowershell

Last updated 4 years ago

<Command Options> -o, --only-matching: Print only the matched (non-empty) parts of a matching line, with each such part on a separate output line. -P, --perl-regexp: Interpret the pattern as a Perl-compatible regular expression (PCRE). -v, --invert-match: Invert the sense of matching, to select non-matching lines. -r, --recursive: Read all files under each directory, recursively, following symbolic links only if they are on the command line. -l, --files-with-matches: Suppress normal output; instead print the name of each input file from which output would normally have been printed. <Examples of Usage> #Selected lines are those not matching any of the specified patterns. grep -v ‘keyword’ test.txt #Print only the mached parts with regular expression grep -oP '\d{1,5}/open' allports.gnmap | sort -u # 特定のキーワードを含まない行を表示 grep -v ‘keyword’ test.txt # 検索したい文字列を含むファイルを表示 grep <keyword> -rl <path>

<Command Options> -u, --unique: output only the first of an equal run <Examples of Usage> #Print only the mached parts with regular expression and make each line unique grep -oP '\d{1,5}/open' allports.gnmap | sort -u

# 指定したURLからのファイルダウンロード wget -O <url> # 指定したURLからの再起的のファイルダウンロード wget -r <url> # 証明書の確認せずにコンテンツを取得 wget <url> --no-check-certificate

<Command Options> <Examples of Usage> #Selected lines are those not matching any of the specified patterns. cat srcip_area.csv | sed 's/"//g' |sed 's/,/ /g' | awk '{print $3, $4$5}' | awk '{arr[$1]+=$2} END {for (i in arr) {print i,arr[i]}}' | sort -nrk 2 cat file.txt | sed -e "s/<instance to find>/<instance to replace it with>/g" > output.txt

* 「cat access_log | grep bullet.gif | awk -F'"' '{print $1 $4}’」 * -F’”'よりデリミターを指定して、文字を取得 * 「ls -lt | awk '$5>1000 {print $0}'」 * ファイルの容量が1000bytes以上の行のみを表示 * 「ls /Applications | awk 'length($0)>13{print}'」 * 長さが13を超える行数のみを表示 * 「cat access_log | awk '$9 == "404"{print $1}' | sort | uniq | wc -l」 * Awk のマッチング * 「lsof -nPi | awk '/LISTEN/‘」 * 「ifconfig en1 | awk '/inet/{print substr($2,5,3)}'」 * print substr（$2, 開始文字位置, 切り取り文字数） * 「# ps -ef | awk '/sshd/ && !($3 == 1 || /sshd: hal[@ ]/) {print $2}'」 * &&条件

charix@Poison:~ % ps -auwwx -a: list the processes of all users on the system -u: provide detailed information about each process -x: list processes that have no controlling terminal, such as daemons -ww: Wide output with unlimited width

<Command Options> -name pattern: True if the last component of the pathname being examined matches pattern. -type t: True if the file is of the specified type. b block special c character special d directory f regular file l symbolic link p FIFO s socket -iname pattern: Like -name, but the match is case insensitive. -exec command: Execute command <Examples of Usage> find / -name .DS_Store > filelist.txt 2> errlist.txt # 標準出力と標準エラー出力をそれぞれリダイレクトするfind [検索対象フォルダのパス] -type f -name "[検索したい文字列]" # 指定フォルダを配下を再帰的検索 find / -name example.txt 2>/dev/null # 標準エラー出力を捨てる find . -name "*.php" -type f -exec chmod 755 {} \; find / -perm -o+w -type d # Show all world readable directories find / -perm -o+e -type d # Show all world executable directories find / -perm -1000 -type d 2>/dev/null # Sticky bit - Only the owner of the directory or the owner of a file can delete or rename here. find / -perm -g=s -type f 2>/dev/null # SGID (chmod 2000) - run as the group, not the user who started it. find / -perm -u=s -type f 2>/dev/null # SUID (chmod 4000) - run as the owner, not the user who started it.

<Command Options> -l, --list: list user's privileges or check a specific command; use twice for longer format -u, --user=user: run command (or edit file) as specified user name or ID <Examples of Usage> sudo -l sudo -u scriptmanager bash # execute command as specified user

scp /path/to/local/file.txt user@targetIP:/path/to/share # local to remote scp -r user@targetIP:/path/to/share /local/share # remote to local cat ~/.ssh/id_rsa.pub | ssh user@targetIP 'cat >> .ssh/authorized_keys'