CLI Flashcards
What is Bash?
Bash is an sh-compatible shell that allows us to run complex commands and perform different tasks from a terminal window. It incorporates useful features from both the KornShell and C shell.
How to view the content of a given environment variable?
echo $PATH
Useful environment variables
$USER
$PWD
$HOME
How to display the process ID of the current shell instance?
echo "$$"
What does the “export” command do?
The export command makes the variable accessible to any subprocesses we might spawn from our current Bash instance. If we set an environment variable without export it will only be available in the current shell.
How to view environment variables defined by default in Linux?
By env command.
How to check history of commands that have been entered?
By history command.
How to re-run first command from your history?
!1
How to repeat last command that was executed during terminal session?
!!
Where is command history saved to?
.bash_history in the user home directory.
Two environment variables control the history size
HISTSIZE and HISTFILESIZE
HISTSIZE
Controls the number of commands stored in memory for the current session.
HISTFILESIZE
Configures how many commands are kept in the history file.
How to invoke reverse-i-search facility?
CTRL + R
How to inspect your bash history?
By history command
How to use history expansion to re-run a command from it?
!number
Standard Input (STDIN)
Data fed into the program
Standard Output (STDOUT)
Output from the program (defaults to terminal)
Standard Error (STDERR)
Error messages (defaults to terminal)
Piping operator
|
Redirection Operators
<>
Which operator is used to save the output to a file to keep it for future?
>
How to save “test” string to file “redirection_test.txt”?
echo "test" > redirection_test.txt
Which operand is used to append additional data to an existing file?
>>
How to append two lines of strings to one file named “redirection_test.txt”?
echo "1" >> redirection_test.txt
echo "2" >> redirection_test.txt
What does the “wc” command do?
Print newline, word, and byte counts for each file.
How to redirect standard error (STDERR) to file?
ls ./test 2>error.txt
File Descriptor for STDIN?
0
File Descriptor for STDOUT?
1
File Descriptor for STDERR?
2
What is POSIX?
Portable Operating System Interface for UNIX
How to count by “wc” file.txt and return the data to “count.txt” using piping?
cat file.txt | wc -m > count.txt
How to use the cat command in conjunction with sort to reorder the content of /etc/passwd?
sudo cat /etc/passwd | sort 1>passwd.txt
Text Searching and Manipulation main commands
grep
sed
cut
awk
What is regular expression?
A regular expression is a special text string for describing a search pattern.
What is grep?
In a nutshell, grep searches text files for the occurrence of a given regular expression and outputs any line containing a match to the standard output, which is usually the terminal screen.
grep -r stands for?
Recursive searching
grep -i stands for?
Ignore test case.
How to list all files in the /usr/bin directory and pipe the output, which searches for any line containing the string “zip”?
ls -la /usr/bin | grep zip
What is sed?
Sed is a powerful stream editor. It is also very complex. At a very high level, sed performs text editing on a stream of text, either a set of specific files or standard output.
How to create a stream of text “I need to try hard”?
echo "I need to try hard"
How to replace word “hard” with “harder” by sed?
sed 's/hard/harder/'
How to create a stream of text “I need to try harder” using the echo command and then pipe it to sed in order to replace the word “hard” with “harder”?
echo "I need to try hard" | sed 's/hard/harder/'
What is cut?
The cut command is simple, but often comes in quite handy. It is used to extract a section of text from a line and output it to the standard output.
Most commonly-used switches for cut?
-f
-d
What does the -f switch mean in the cut command?
Field Number
What does the -d switch mean in the cut command?
Field Delimiter
How to extract list of users on Linux system?
cut -d ":" -f 1 /etc/passwd
What is the output of this command?
echo "I hack binaries,web apps,mobile apps, and just about anything else" | cut -f 2 -d ","
web apps
What is the field delimiter in this command?
echo "I hack binaries,web apps,mobile apps, and just about anything else" | cut -f 2 -d ","
(,)
What is AWK?
AWK is a programming language designed for text processing and is typically used as a data extraction and reporting tool. It is also extremely powerful and can be quite complex.
Commonly used switch with AWK?
-F
What is -F switch in awk?
Field separator, and the print command, which outputs the result text.
What is the output of this command?
echo "hello::there::friend" | awk -F "::" '{print $1, $3}'
hello friend
What is the difference between cut and awk?
Awk is much more flexible.
What does the head command do?
The head command displays the first 10 lines in a file.
What does wc -l command do?
Display the total number of lines in a file.
What does the gunzip command do?
Compress or expand files.
Gunzip alternatives
gzip, zcat
How to unzip “access_log.txt.gz”
gunzip access_log.txt.gz
How to print first 10 lines of file “access.log”?
head access.log
What does sort -u do?
Sorts and shows only unique lines.
What does uniq command do?
Report or omit repeated lines.
What does the -c option for uniq do?
This will prefix the output line with the number of occurrences.
What command, using /etc/passwd, extracts the user and home directory fields for all users on your Linux system?
cat /etc/passwd | awk -F ":" '{print "The user " $1, " home directory is " $6}'
How to copy the /etc/passwd file to your home directory (/home/kali)?
cp /etc/passwd /home/kali/passwd
How to use cat in a one-liner to print the output of the /kali/passwd and replace all instances of the “Light Display Manager” string with “LDM”.
cat passwd | sed -i 's/Light Display Manager/LDM/g' passwd
Linux Text Editors
gedit
leafpad
nano
vi
What is nano?
Nano is one of the simplest-to-use text editors.
What does the CTRL + O shortcut do in nano?
Write changes to the file.
What does the CTRL + K shortcut do in nano?
Cut the current line.
What does the CTRL + U shortcut do in nano?
Un-cut a line and paste it at the cursor location.
What does the CTRL + W shortcut do in nano?
Search.
What does the CTRL + X shortcut do in nano?
Exit.
What is vi?
Vi is an extremely powerful text editor, capable of blazing speed especially when it comes to automating repetitive tasks. However, it has a relatively steep learning curve and is nowhere near as simple to use as Nano.
How to enable insert-text mode to begin typing in vi?
Press the I key and start typing away.
How to disable insert-text mode and go back to command mode?
Press the ESC key.
What does dd do in command mode in vi?
Delete the current line.
What does yy do in command mode in vi?
Copy the current line.
What does p do in command mode in vi?
Paste the clipboard contents.
What does x do in command mode in vi?
Delete the current character.
What does :w do in command mode in vi?
Write the current file to disk and stay in vi.
What does :q! do in command mode in vi?
Quit without writing the file to disk.
What does :wq do in command mode in vi?
Save and quit.
Why use vi?
Vi can save a great deal of time in the hands of an experienced user, and vi is installed on every POSIX-compliant system.
What does the comm command do?
Comm command compares two text files, displaying the lines that are unique to each one, as well as the lines they have in common. It outputs three space-offset columns: the first contains lines that are unique to the first file or argument; the second contains lines that are unique to the second file or argument; and the third column contains lines that are shared by both files. The -n switch, where “n” is either 1, 2, or 3, can be used to suppress one or more columns, depending on the need.
How to scan with comm two text files “scan-a.txt”, “scan-b.txt” and check uniques?
comm scan-a.txt scan-b.txt
How to scan with comm two text files “scan-a.txt”, “scan-b.txt” and display only the lines that were found in both files?
comm -12 scan-a.txt scan-b.txt
What is the diff command used for?
The diff command is used to detect differences between files, similar to the comm command. However, diff is much more complex and supports many output formats.
Two of the most popular formats of diff?
context format (-c)
unified format (-u)
The most notable difference between unified and context format?
The most notable difference between these formats is that the unified format does not show lines that match between files, making the results shorter. The indicators have identical meaning in both formats.
What does vimdiff do?
Vimdiff opens vim with multiple files, one in each window. The differences between files are highlighted, which makes it easier to visually inspect them.
What does the “do” shortcut in vim do?
Gets changes from the other window into the current one.
What does the “dp” shortcut in vim do?
Puts the changes from the current window into the other one.
What does the “]c” shortcut in vim do?
Jumps to the next change.
What does the “[c” shortcut in vim do?
Jumps to the previous change.
What does the CTRL + W shortcut in vim do?
Switches to the other split window.
How to check two text files “scan-a.txt” and “scan-b.txt” with vimdiff?
vimdiff scan-a.txt scan-b.txt
What is PID?
Process ID
How to create a backgrounding process?
Append ampersand to the end of the command.
How to send 400 ICMP echo requests to the local interface with the ping command and write the results to a file called ping_results.txt using a background process?
ping -c 400 localhost > ping_results.txt &
What is a shortcut for canceling operations in Terminal?
CTRL + C
What is the shortcut to suspend a job in Terminal?
CTRL + Z
How to check backgrounding processes?
By bg command.
How to quickly check the status of ICMP echo requests?
By “jobs” and “fg” commands.
What is the “jobs” command used for?
To look at jobs.
What is the “fg” command used for?
To bring one job into the foreground.
What does the “^C” character represent?
Keystroke combination CTRL + C.
By which shortcut can we terminate a long-running process and regain control of the terminal?
CTRL + C
One of the most useful commands to monitor processes on mostly any Unix-like operating system?
ps (short for process status).
What does ps do?
ps lists processes systemwide, not only for the current terminal session.
What are the first things to check after obtaining remote access to a system?
Understand what software is currently running on the compromised machine. This could help us elevate our privileges or collect additional information in order to acquire further access into the network.
What does the -e option do in ps?
Select all processes.
What does the -f option do in ps?
Display full format listing (UID, PID, PPID, etc.)
What does the -C option do in ps?
Select by command name.
How to stop the Leafpad process without interacting with the GUI?
kill leafpad_pid
What does the kill command do?
Send a specific signal to a process.
What is the default signal to kill?
SIGTERM (request termination).
How to run a command in the background?
bigjob &
How to find files that have changed on your Kali virtual machine within the past 7 days?
find / -mtime -7
How to find files that have changed on your Kali virtual machine within the past 7 days by running a specific command in the background?
find / -mtime -7 &
How to find files and directories modified more than n days ago?
find / -mtime +n
How to find the files and directories modified less than n days ago?
find / -mtime -n
How to get the files modified on ‘2019-07-24’?
find . -type f -newermt 2019-07-24 ! -newermt 2019-07-25
How to show the long format of the files and to sort the output by modification time by ls?
ls -lt
How to filter listing based on a specific date or time by applying the grep command by date?
ls -lt | grep 'Jul 27'
How to filter listing based on a specific date or time by applying the grep command by time?
ls -lt | grep '17:'
How to enable the recursive capability on the ls command?
ls -R
How to check “Firefox” PID?
ps -ef | grep firefox
How to terminate Firefox via CLI using its PID?
kill firefox_process_id
Commands to monitor files and commands in real-time.
tail and watch.
What does the tail command do?
The most common use of tail is to monitor log file entries as they are being written. For example, we may want to monitor the Apache logs to see if a web server is being contacted by a given client we are attempting to attack via a client-side exploit.
What does the -f option in tail do?
The -f option (follow) is very useful as it continuously updates the output as the target file grows.
What does the -nX option in tail do?
-nX, which outputs the last “X” number of lines, instead of the default value of 10.
What is the watch command used for?
The watch command is used to run a designated command at regular intervals.
Which option specify different intervals for watch?
-n X option to have it run every “X” number of seconds.
How to list logged-in users?
By “w” command.
How to list logged-in users once every 5 seconds?
watch -n 5 w
How to start apache2 web service?
sudo systemctl start apache2
How to monitor apache2 access.log file in real-time?
watch tail /var/log/apache2/access.log
How to use a combination of watch and ps to monitor the most CPU-intensive processes on your Kali machine in a terminal window?
watch "ps aux | sort -nrk 3,3"
Commands for downloading files?
wget
curl
axel
What does the wget command do?
Downloads files using the HTTP/HTTPS and FTP protocols.
What does “wget -O” do?
Downloads files using the HTTP/HTTPS and FTP protocols. “wget” along with the -O switch saves the destination file with a different name on the local machine.
What is curl?
curl is a tool to transfer data to or from a server using a host of protocols including IMAP/S, POP3/S, SCP, SFTP, SMB/S, SMTP/S, TELNET, TFTP, and others. A penetration tester can use this to download or upload files and build complex requests.
What is axel?
axel is a download accelerator that transfers a file from a FTP or HTTP server through multiple connections.
What is the “-n” option in “axel” used for?
-n is used to specify the number of multiple connections to use.
What is the “-a” option in “axel” used for?
For a more concise progress indicator.
What is the “-o” option in “axel” used for?
To specify a different file name for the downloaded file.
Using “axel” initialise 20 multiple connections and save the file named “report.pdf” from the link “https://www.facebook.com/reports/report.pdf”.
axel -a -n 20 -o report.pdf https://www.facebook.com/reports/report.pdf
Using “curl” download the file from the link “https://facebook.com/report/report.pdf” and save it under the name “report.pdf”.
curl -o report.pdf https://facebook.com/report/report.pdf
Using “wget” download the file from the link “https://facebook.com/report/report.pdf” and save it under the name “report_wget.pdf”.
wget -O report_wget.pdf https://facebook.com/report/report.pdf
What is PoC code?
PoC code is a term used to describe code that was developed to demonstrate security flaws in software or networks during a PoC exploit. IT departments use it to simulate attacks to identify vulnerabilities and patch them. PoC code can also be used to determine a threat level.
Where can you download the PoC code for an exploit?
https://www.exploit-db.com
By which commands can you download an exploit from exploit-db?
curl
wget
axel
What is HISTCONTROL?
The HISTCONTROL variable defines whether or not to remove duplicate commands, commands that begin with spaces from the history, or both. By default, both are removed but you may find it more useful to only omit duplicates.
How to use HISTCONTROL to remove duplicates from bash history?
export HISTCONTROL=ignoredups
What is HISTIGNORE for?
The HISTIGNORE variable is particularly useful for filtering out basic commands that are run frequently, such as ls, exit, history, bg, etc.
How to use HISTIGNORE to filter basic, common commands? E.g. ls, pwd, history, exit, bg.
export HISTIGNORE="&:ls:[bf]g:exit:history"
What does HISTTIMEFORMAT do?
HISTTIMEFORMAT controls date and/or time stamps in the output of the history command.
How to use HISTTIMEFORMAT to include the date/time in bash history.
export HISTTIMEFORMAT='%F %T '
What %F stands for in HISTTIMEFORMAT?
Year-Month-Day ISO 8601 format
What %T stands for in HISTTIMEFORMAT?
24-hour time
Where can you search for time formats for history command?
man history 3
What is alias?
An alias is a string we can define that replaces a command name. Aliases are useful for replacing commonly-used commands and switches with a shorter command, or alias, that we define. In other words, an alias is a command that we define ourselves, built from other commands.
How to replace “ls -la” command by “lsa” using “alias”?
alias lsa='ls -la'
How to define your own command “lsa” which is doing “ls” but with “-la” option without having to type any arguments at all?
alias lsa='ls -la'
How to check the list of defined aliases?
alias
How to unset an alias “mkdir”?
unalias mkdir
The behavior of interactive shells in Bash is determined by the system-wide _ file?
bashrc
Where is bashrc located?
In /etc/bash.bashrc.
How to override system-wide Bash settings?
Edit .bashrc file.
When is the .bashrc script executed?
Every time user logs in.
What type of file is .bashrc?
Shell script.
What is the default path of .bashrc?
/home/kali/.bashrc
How to examine the .bashrc default file?
cat ~/.bashrc
How to create an alias named “..” to change to the parent directory and make it persistent across terminal sessions?
Add in .bashrc alias ..="cd .."
How to permanently configure the history command to store 10000 entries and include full date in its output?
Add to .bashrc "export HISTSIZE=10000" and "export HISTTIMEFORMAT='%F %T '"
How to print PATH environment variable?
echo $PATH
How to print USER environment variable?
echo $USER
How to print PWD environment variable?
echo $PWD
How to print HOME environment variable?
echo $HOME
What is sed?
Stream editor.
Print “hello::there::friend” and print only “hello friend” using echo and awk.
echo "hello::there::friend" | awk -F "::" '{print $1, $3}'
How to count lines in “access.log” file?
wc -l access.log
How to list all jobs running in current session?
jobs
How to continue second stopped job?
fg %2