Security, Reverse Engineering, Cloud and Code

Notes

Linux

Commands

  • locate fileName
  • which fileName
  • xxd fileName
  • curl -k URL.com
    https://www.cyberciti.biz/faq/how-to-curl-ignore-ssl-certificate-warnings-command-option/
  • wget -r -nH --cut-dirs=10 --no-parent --reject="index.html*" https://my.target_url.com/
    #download all files from that location, ignoring the directory structure of the web target and skipping index.html files. --cut-dirs=10 strips the folder structure from the target.
  • grep: -A5 = Display 5 lines after match | -B5 = Display 5 lines before match
    -nri = line numbers, recursive, ignore case
  • cut -f2 -d ":" //filters the content piped to cut down to the 2nd field, using ":" as the delimiter
  • dmesg
  • https://explainshell.com/
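As an added example (not part of the original notes), here are the grep and cut flags from the list above applied to constructed sample data, combined into small triage helpers so the output can be checked offline. The function names (sample_log, sample_passwd, context_around, failed_login_sources, login_shell_users) are mine, and the log and passwd lines are made up; the cut call goes slightly beyond the notes by selecting two fields instead of one.

```shell
#!/bin/sh
# Added example, not from the original notes: the grep/cut flags above applied
# to constructed sample data so the result can be checked offline.

# Constructed sample: an auth-log style excerpt (not a real log).
sample_log() {
  cat <<'EOF'
Jan 10 09:00:01 host sshd[100]: Accepted publickey for alice from 10.0.0.5 port 5000 ssh2
Jan 10 09:00:02 host sshd[101]: Failed password for invalid user admin from 203.0.113.9 port 5001 ssh2
Jan 10 09:00:03 host sshd[102]: Failed password for root from 203.0.113.9 port 5002 ssh2
Jan 10 09:00:04 host sshd[103]: Accepted password for bob from 10.0.0.6 port 5003 ssh2
Jan 10 09:00:05 host sshd[104]: failed password for root from 198.51.100.7 port 5004 ssh2
EOF
}

# Constructed sample: a few /etc/passwd style lines.
sample_passwd() {
  cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc-backup:x:1001:1001::/var/backups:/usr/sbin/nologin
EOF
}

# context_around PATTERN [N]: grep -n/-i with N lines of context before (-B)
# and after (-A) each match, read from stdin. Context lines are marked with
# "-" after the line number, matching lines with ":".
context_around() {
  n=${2:-1}
  grep -n -i -B "$n" -A "$n" -- "$1"
}

# failed_login_sources: case-insensitive grep for failed logins, take the word
# after "from", then count per source address (most frequent first).
failed_login_sources() {
  grep -i 'failed password' \
    | awk '{ for (i = 1; i <= NF; i++) if ($i == "from") print $(i + 1) }' \
    | sort | uniq -c | sort -rn \
    | awk '{ print $1, $2 }'
}

# login_shell_users: cut on ":" as the delimiter and keep fields 1 and 7
# (user name and login shell), dropping accounts with a non-interactive shell.
login_shell_users() {
  grep -v -E ':(/usr/sbin/nologin|/bin/false)$' | cut -d ':' -f 1,7
}

# Usage when run directly:
sample_log | context_around 'invalid user'
sample_log | failed_login_sources
sample_passwd | login_shell_users
```

The same helpers work on a real file by replacing the sample_* producers with `cat /var/log/auth.log` or `cat /etc/passwd`; the -n line numbers from context_around are what you feed to `sed -n 'X,Yp'` when you want the wider window afterwards.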

Terminal Tricks

Server

  • echo "Test" | write user.name #Send "Test" to user "user.name"
  • echo "Test" | wall #Send a message to everyone logged in on the server

Network

Script referencing

Tmux

Issues building VMware Workstation on Parrot OS or other Linux distro?
Use the script found on this page:
https://communities.vmware.com/thread/609330

Need to compile/target 32 bit in 64 bit linux distro?
sudo apt-get install gcc-multilib

Windows

  • SHIFT+Right Click = Access to Open PowerShell and Linux Shell Here
  • Hosts file location: C:\Windows\System32\drivers\etc\

Hyper-V

CTRL + ALT + LEFT to release the mouse/keyboard lock on the Hyper-V screen 🙂

https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/learn-more/hyper-v-virtual-machine-connect#:~:text=Press%20CTRL%2BALT%2BLEFT%20arrow,settings%20in%20Hyper%2DV%20Manager.&text=Select%20Action%20%3E%20Ctrl%2BAlt%2B,combination%20CTRL%2BALT%2BEND.

  • Get Hyper-V VMs IP Address: get-vm | ?{$_.State -eq "Running"} | select -ExpandProperty networkadapters | select vmname, macaddress, switchname, ipaddresses | ft -wrap -autosize

PowerShell

  • whoami /all | whoami /all /fo list == Show SAT
    whoami /priv == Show privileges
    Get-Acl <resource> | Format-List == Show resource’s ACL
    Get-SmbShare or \\localhost\HidShare$ or \\<machine>\HidShare$
    net localgroup administrators
    net use \\<ip>\ipc$ "" /user:"" == Null session to the interprocess communication share
    NBTSTAT -A <target.ip> //NetBIOS
    dir env:\ or in cmd use “set” // View Env Vars
    findstr
    help <commandName>
    wmic process list full

Network

  • netstat -naob == list ports, pid, executable name

References

Google

Use site: followed by your search word. This will only search in that site for the given target word or string.

filetype:pdf myStrForFileName to find files

Use quotes " " to have your search find the string in the same order

Use * as a wildcard for a word

References: https://support.google.com/websearch/answer/2466433?hl=en&visit_id=1-636359231656004331-872652267&rd=1

Python

https://gto76.github.io/python-cheatsheet/

x64dbg

File Headers

https://en.wikipedia.org/wiki/List_of_file_signatures

Email

Email Parser: https://mha.azurewebsites.net/
https://testconnectivity.microsoft.com/

String & Data Conversions

https://www.asciitohex.com/
https://ss64.com/convert.html

Networking

  • TCPDump
    • Use the -n switch to display IP addresses instead of resolved names (name resolution can be tampered with and is misleading)
    • -X to show Hex/ASCII of the packet
    • When reading a packet's flags, the . == ACK,
      i.e. Flags [S.] == SYN/ACK and Flags [.] == ACK
  • https://www.sans.org/security-resources/tcpip.pdf
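As an added example (not part of the original notes), the flag decoding above and a small detection pass over capture lines in the shape of "tcpdump -n" output. The capture is constructed, not real, and the names decode_flags, syn_scan_suspects and sample_capture are mine; the pass goes beyond the notes by counting, per source, how many distinct destinations received a bare SYN, which is the usual first check for a port sweep in a capture.

```shell
#!/bin/sh
# Added example, not from the original notes: decoding the tcpdump flag field
# and a small detection pass over constructed capture lines.

# Constructed sample in the shape of "tcpdump -n" output (not a real capture):
# one normal handshake from 10.0.0.6, then 203.0.113.9 sending SYNs to four
# ports on 10.0.0.5 and getting RST/ACK back on the closed ones.
sample_capture() {
  cat <<'EOF'
09:00:01.000001 IP 10.0.0.6.50000 > 10.0.0.5.22: Flags [S], seq 1, win 64240, length 0
09:00:01.000002 IP 10.0.0.5.22 > 10.0.0.6.50000: Flags [S.], seq 100, ack 2, win 65160, length 0
09:00:01.000003 IP 10.0.0.6.50000 > 10.0.0.5.22: Flags [.], ack 101, win 502, length 0
09:00:02.000001 IP 203.0.113.9.40000 > 10.0.0.5.22: Flags [S], seq 1, win 1024, length 0
09:00:02.000002 IP 10.0.0.5.22 > 203.0.113.9.40000: Flags [S.], seq 200, ack 2, win 65160, length 0
09:00:02.000003 IP 203.0.113.9.40001 > 10.0.0.5.80: Flags [S], seq 1, win 1024, length 0
09:00:02.000004 IP 10.0.0.5.80 > 203.0.113.9.40001: Flags [R.], seq 0, ack 2, win 0, length 0
09:00:02.000005 IP 203.0.113.9.40002 > 10.0.0.5.443: Flags [S], seq 1, win 1024, length 0
09:00:02.000006 IP 10.0.0.5.443 > 203.0.113.9.40002: Flags [R.], seq 0, ack 2, win 0, length 0
09:00:02.000007 IP 203.0.113.9.40003 > 10.0.0.5.8080: Flags [S], seq 1, win 1024, length 0
09:00:02.000008 IP 10.0.0.5.8080 > 203.0.113.9.40003: Flags [R.], seq 0, ack 2, win 0, length 0
EOF
}

# decode_flags "[S.]" -> "SYN ACK": expand each tcpdump flag character,
# remembering that "." stands for ACK.
decode_flags() {
  out=""
  for c in $(printf '%s' "$1" | tr -d '[]' | sed 's/./& /g'); do
    case $c in
      S) out="$out SYN" ;;
      .) out="$out ACK" ;;
      F) out="$out FIN" ;;
      R) out="$out RST" ;;
      P) out="$out PSH" ;;
      U) out="$out URG" ;;
      *) out="$out ?$c" ;;
    esac
  done
  printf '%s\n' "${out# }"
}

# syn_scan_suspects [THRESHOLD]: read capture lines on stdin, count how many
# distinct ip.port destinations each source sent a bare SYN (Flags [S]) to,
# and print "count source" for sources at or above the threshold (default 3).
# Field layout of -n output: $3 = src ip.port, $5 = "dst ip.port:", $7 = "[flags],".
syn_scan_suspects() {
  awk -v thr="${1:-3}" '
    $6 == "Flags" && $7 == "[S]," {
      src = $3; sub(/\.[0-9]+$/, "", src)      # drop the source port
      dst = $5; sub(/:$/, "", dst)             # keep dst ip.port, drop the colon
      if (!((src, dst) in seen)) { seen[src, dst] = 1; n[src]++ }
    }
    END { for (s in n) if (n[s] >= thr) print n[s], s }
  ' | sort -rn
}

# Usage when run directly:
decode_flags '[S.]'
sample_capture | syn_scan_suspects 3
```

On a live box the same pass reads `tcpdump -n -r capture.pcap 'tcp[tcpflags] == tcp-syn'` instead of sample_capture; the threshold is the only tuning knob, and a normal client that opens several ports on one server will show up too, so the count is a triage lead rather than a verdict.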

Networking References

SSH

  • ssh-keygen = Generate new private & public key pair
  • If you already have a key pair:
    • Copy your current "id_rsa" and "id_rsa.pub" to the "~/.ssh/" directory
    • Run the command "chmod 400 ~/.ssh/id_rsa" to tighten access
    • Run “ssh-add ~/.ssh/id_rsa” to add the keys to the auth agent
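As an added example (not part of the original notes), the "existing key pair" steps above written as a checked procedure: copy, tighten permissions, then load into the agent only if one is reachable. install_ssh_key, perm_of and check_key_perms are my own names; the file names id_rsa and id_rsa.pub follow the notes, and the key material used in the usage section is a labelled placeholder, not a real key.

```shell
#!/bin/sh
# Added example, not from the original notes: the "existing key pair" steps
# above as a checked procedure.

# install_ssh_key PRIVATE PUBLIC [SSH_DIR]
# Copies an existing key pair into SSH_DIR (default ~/.ssh), tightens
# permissions (700 on the directory, 400 on the private key, 644 on the public
# key), refuses to overwrite a key that is already there, and loads the private
# key into the agent only when an agent socket is actually present.
install_ssh_key() {
  priv=$1
  pub=$2
  dir=${3:-"$HOME/.ssh"}
  if [ ! -f "$priv" ] || [ ! -f "$pub" ]; then
    echo "install_ssh_key: key files not found" >&2
    return 1
  fi
  if [ -e "$dir/id_rsa" ]; then
    echo "install_ssh_key: $dir/id_rsa already exists, refusing to overwrite" >&2
    return 1
  fi
  mkdir -p "$dir" && chmod 700 "$dir"
  cp "$priv" "$dir/id_rsa" && chmod 400 "$dir/id_rsa"
  cp "$pub" "$dir/id_rsa.pub" && chmod 644 "$dir/id_rsa.pub"
  if [ -n "$SSH_AUTH_SOCK" ] && command -v ssh-add >/dev/null 2>&1; then
    ssh-add "$dir/id_rsa"
  else
    echo "install_ssh_key: no agent socket, skipping ssh-add" >&2
  fi
}

# perm_of FILE -> octal mode such as 400 (GNU stat, falling back to BSD stat).
perm_of() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# check_key_perms SSH_DIR -> "ok" when the private key is owner-only readable,
# which is what ssh itself insists on before it will use the key.
check_key_perms() {
  m=$(perm_of "$1/id_rsa")
  case $m in
    400|600) echo ok ;;
    *) echo "private key mode $m is too permissive"; return 1 ;;
  esac
}

# Usage when run directly: a throwaway directory instead of ~/.ssh, and no
# agent, so the placeholder "key" is never loaded anywhere.
unset SSH_AUTH_SOCK
tmp=$(mktemp -d)
printf 'CONSTRUCTED-PRIVATE-KEY-PLACEHOLDER\n' > "$tmp/src_key"
printf 'CONSTRUCTED-PUBLIC-KEY-PLACEHOLDER\n' > "$tmp/src_key.pub"
install_ssh_key "$tmp/src_key" "$tmp/src_key.pub" "$tmp/ssh"
check_key_perms "$tmp/ssh"
rm -rf "$tmp"
```

For the real thing drop the last block and call `install_ssh_key ~/Downloads/id_rsa ~/Downloads/id_rsa.pub` with your own files; the refusal to overwrite is deliberate, since a second run would otherwise silently replace a key that other hosts already trust.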

VSCode

Building and debugging C/C++ source in Linux

  • Create a new file with a “.c” extension
  • With that C file open:
    • Go to Terminal > Run Build Task… OR ctrl+shift+b
    • gcc should pop up, select the little gear/settings in the corner
      • This will make a tasks.json in the .vscode folder
    • Go to Debug > Start Debugging
      • This should make a launch.json
  • Now you should be able to hit F5 and debug as you please =)

Crypto

Nice article on how SSL/TLS works from digicert here

Encrypting

https://www.digitalocean.com/community/tutorials/how-to-use-gpg-to-encrypt-and-sign-messages
https://yanhan.github.io/posts/2017-09-27-how-to-use-gpg-to-encrypt-stuff.html
https://www.gnupg.org/gph/en/manual/x110.html

Cheat Sheets

Testing

Scanning

nmap 192.168.1.0/24 | 192.168.1.* | 192.168.1.0-24 (CIDR, wildcard or range targets)
-sV : version detection ; -Pn (older spelling -PN) : no ping, skip host discovery ; -sS : SYN ("stealth") scan ; -sT : full TCP connect scan (completes the 3-way handshake)
-sA : ACK scan ; -sU : UDP scan ; -sn : host discovery only, no port scan
-p <ports> : scan only the listed ports ; --top-ports <n> : scan only the n most common ports
-v : verbose output ; -T0 to -T5 : timing template, 0 = slowest, 5 = fastest
-oN | -oX | -oG <file> : output to file in Normal, XML or grepable format
-n : no DNS name resolution (faster)
ndiff priorScan newScan : shows the differences between two scans
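As an added example (not part of the original notes), reading the grepable -oG output mentioned above and doing the ndiff idea with plain shell tools, which is the usual way to turn a periodic scan of your own range into a "what changed" report. The two scans are constructed samples, not real results, and open_ports, new_open_ports, scan_old and scan_new are my own names.

```shell
#!/bin/sh
# Added example, not from the original notes: parse nmap grepable (-oG) output
# and report ports that are newly open between two scans.

# Constructed -oG style lines for a first scan: one line per host with
# tab-separated sections, each port written as port/state/proto//service///.
scan_old() {
  printf 'Host: 192.168.1.10 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
}

# Constructed second scan: a new service on .10 and a new host .11.
scan_new() {
  printf 'Host: 192.168.1.10 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 8080/open/tcp//http-proxy///\tIgnored State: filtered (997)\n'
  printf 'Host: 192.168.1.11 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.11 ()\tPorts: 22/open/tcp//ssh///\tIgnored State: closed (999)\n'
}

# open_ports: read grepable output on stdin, print "host port/proto service"
# for every port in the open state.
open_ports() {
  awk -F '\t' '
    /^Host:/ {
      split($1, h, " "); host = h[2]
      for (i = 2; i <= NF; i++) {
        if ($i ~ /^Ports:/) {
          sub(/^Ports: /, "", $i)
          n = split($i, p, ", ")
          for (j = 1; j <= n; j++) {
            split(p[j], f, "/")
            if (f[2] == "open") print host, f[1] "/" f[3], f[5]
          }
        }
      }
    }'
}

# new_open_ports OLD.gnmap NEW.gnmap: ports open in the new scan that were not
# open in the old one (comm -13 keeps the lines unique to the second file).
new_open_ports() {
  o=$(mktemp); n=$(mktemp)
  open_ports < "$1" | sort -u > "$o"
  open_ports < "$2" | sort -u > "$n"
  comm -13 "$o" "$n"
  rm -f "$o" "$n"
}

# Usage when run directly:
d=$(mktemp -d)
scan_old > "$d/old.gnmap"
scan_new > "$d/new.gnmap"
new_open_ports "$d/old.gnmap" "$d/new.gnmap"
rm -rf "$d"
```

Swapping the argument order (`comm -23`) lists ports that were open before and are not any more, which is the other half of an inventory drift check.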

arp-scan [Very Noisy]
netdiscover -p [-p = passive, low key!]

Wireshark

https://wiki.wireshark.org/
Statistics -> Conversations
Statistics -> I/O Graphs