Linux Commands

Grep

<Command Options>
-o, --only-matching: Print only the matched (non-empty) parts of a matching line, with each such part on a separate output line.
-P, --perl-regexp: Interpret the pattern as a Perl-compatible regular expression (PCRE). 
-v, --invert-match: Invert the sense of matching, to select non-matching lines.
-r, --recursive: Read all files under each directory, recursively, following symbolic links only if they are on the command line.
-l, --files-with-matches: Suppress normal output; instead print the name of each input file from which output would normally have been printed.

<Examples of Usage>
# Selected lines are those not matching any of the specified patterns.
grep -v 'keyword' test.txt

# Print only the matched parts with a regular expression
grep -oP '\d{1,5}/open' allports.gnmap | sort -u

# List the files that contain the search string
grep <keyword> -rl <path>

Sort

<Command Options>
-u, --unique: output only the first of an equal run

<Examples of Usage>
# Print only the matched parts with a regular expression and make each line unique
grep -oP '\d{1,5}/open' allports.gnmap | sort -u

Wget

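# Download a file from the specified URL (-O sets the output file name)
wget -O <output file> <url>

# Recursively download files from the specified URL
wget -r <url>

# Fetch content without verifying the server certificate (the TLS peer is not authenticated)
wget <url> --no-check-certificate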

Sed

<Command Options>

<Examples of Usage>
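# Strip quotes and commas from the CSV, print column 3 with columns 4 and 5 joined, sum that value per column-3 key, and sort by total in descending order
cat srcip_area.csv | sed 's/"//g' | sed 's/,/ /g' | awk '{print $3, $4$5}' | awk '{arr[$1]+=$2} END {for (i in arr) {print i,arr[i]}}' | sort -nrk 2

# Replace every occurrence of a string and write the result to a new file
cat file.txt | sed -e "s/<instance to find>/<instance to replace it with>/g" > output.txt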

Awk

* cat access_log | grep bullet.gif | awk -F'"' '{print $1 $4}'
    * -F'"' sets the field delimiter (here a double quote) used to split out the fields
* ls -lt | awk '$5>1000 {print $0}'
    * Show only lines for files larger than 1000 bytes
* ls /Applications | awk 'length($0)>13{print}'
    * Show only lines longer than 13 characters
* cat access_log | awk '$9 == "404"{print $1}' | sort | uniq | wc -l
    * Awk matching on a field value
* lsof -nPi | awk '/LISTEN/'
* ifconfig en1 | awk '/inet/{print substr($2,5,3)}'
    * print substr($2, start position, number of characters to extract)
* ps -ef | awk '/sshd/ && !($3 == 1 || /sshd: hal[@ ]/) {print $2}'
    * Combining conditions with &&

Tr

* cat /etc/shells | tr a-z A-Z
    * Convert lowercase to uppercase
* cat /etc/shells | tr -d 'd'
    * Delete the character d
* ls -l | tr -s ' ' ','
    * Convert runs of spaces into a single comma
* ls -l | tr -s ' ' '\t' | cut -f 1,5,9-

Tar

Compress: tar cvzf <tgz file name> <directory to compress>
Extract: tar xvzf <tgz file name>

Ps

charix@Poison:~ % ps -auwwx

-a: list the processes of all users on the system
-u: provide detailed information about each process
-x: list processes that have no controlling terminal, such as daemons
-ww: Wide output with unlimited width

Find

<Command Options>
-name pattern: True if the last component of the pathname being examined matches pattern.
-type t: True if the file is of the specified type.
             b       block special
             c       character special
             d       directory
             f       regular file
             l       symbolic link
             p       FIFO
             s       socket
-iname pattern: Like -name, but the match is case insensitive.
-exec command: Execute command
 

<Examples of Usage>
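find / -name .DS_Store > filelist.txt 2> errlist.txt
# Redirect standard output and standard error to separate files

find [path of folder to search] -type f -name "[string to search for]"
# Search recursively under the specified folder

find / -name example.txt 2>/dev/null
# Discard standard error output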

find . -name "*.php" -type f -exec chmod 755 {} \;
# Set mode 755 on every .php file under the current directory

find / -perm -o+w -type d
# Show all world-writable directories

find / -perm -o+x -type d
# Show all world-executable (searchable) directories

find / -perm -1000 -type d 2>/dev/null
# Sticky bit - Only the owner of the directory or the owner of a file can delete or rename here.

find / -perm -g=s -type f 2>/dev/null
# SGID (chmod 2000) - run as the group, not the user who started it.

find / -perm -u=s -type f 2>/dev/null
# SUID (chmod 4000) - run as the owner, not the user who started it.

Cut

Kill

kill -9 $PID

Sudo

<Command Options>
-l, --list: list user's privileges or check a specific command; use twice for longer format
-u, --user=user: run command (or edit file) as specified user name or ID

<Examples of Usage>
sudo -l

sudo -u scriptmanager bash
# execute command as specified user

Extracting archives

tar xvfj test.tar.bz2
tar zxvf test.tar.gz
tar xvf test.tar
gzip -d test.gz
unzip test.zip
zcat rockyou.txt.gz > rockyou.txt

Compressing archives

tar -zcvf test.tar.gz test
gzip test
zip -9 test.zip test
zip -r test.zip test/

Copy files remotely

scp /path/to/local/file.txt user@targetIP:/path/to/share # local to remote
scp -r user@targetIP:/path/to/share /local/share # remote to local
cat ~/.ssh/id_rsa.pub | ssh user@targetIP 'cat >> .ssh/authorized_keys'

Bash

for

for i in $(seq 0 12); do echo -n '|base64 -d';done
|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d|base64 -d
