Zero to Hero Flashcards
List out all files in a directory that aren’t all shown in standard ls
ls -la
Copies file into new directory
cp new.txt Desktop/new.txt
move file into new directory
mv new.txt Desktop/new.txt
locate a file
updatedb (to update the locate database first)
locate new.txt
What does this mean?
-rw-r--r--
File owner: read and write
Group Owner: read
All other permissions: read
What does {chmod +x new.txt} do?
It gives all user levels executable permission
-rw-r--r--
->
-rwxr-xr-x
How can I add a user
adduser bob
how to see all users on the machine?
cat /etc/passwd
How to see the password hash for each user
cat /etc/shadow
How can I switch users on the machine at the CLI?
su bob
How can I switch back to root user?
su -
How to view recent authentication activity via CLI
cat /var/log/auth.log
How can I print out my network interface information
ifconfig
How can I limit a ping to 1 packet
ping -c 1 {IP address}
what does arp -a do?
It associates IP addresses with MAC addresses
What does netstat -ano do?
Shows you all the ports that are open and what is connected to those ports
What does route do?
??
How do you check the history of all commands you have run?
history
How can you check the previous times you have run the ping command?
history | grep ping
How would you write the following text “hello world” into a new file named newFile.txt?
echo "hello world" > newFile.txt
How can you add more text to a file without overwriting the existing text?
echo "hello world again" >> newFile.txt
what does the {touch} command do?
Allows you to create a new file i.e. touch hello.txt
How could you get rid of a program i.e. impacket?
apt purge impacket
How could you find your IP address?
ifconfig
How do you start a service?
service apache2 start
service ssh start
service postgresql start
How do you configure your services to start automatically when rebooting your computer?
systemctl enable ssh
systemctl enable postgresql
How could you write the information from a single packet ping into a new text file?
ping -c 1 {IP address} > ip.txt
From this:
PING 192.168.1.254 56(84) bytes of data.
64 bytes from 192.168.1.254: icmp_seq=1 ttl=128 time=0.594
How can you extract out the IP address?
ping -c 1 192.168.1.254 | grep "64 bytes" | cut -d " " -f 4 | tr -d ":"
How could you loop through a list of IP addresses that are up on a network and run nmap on each of them?
for ip in $(cat iplist.txt); do nmap -p 80 -T4 $ip & done
What are the five stages of hacking?
- Reconnaissance (passive and active)
- Scanning and enumeration
- Gaining access
- Maintaining access
- Covering tracks
List the components of passive recon for web/host
Target validation - WHOIS, nslookup, dnsrecon
Finding subdomains - Google fu, dig, nmap, sublist3r, bluto, crt.sh
Fingerprinting - nmap, Wappalyzer, WhatWeb, BuiltWith, Netcat
Data breaches - HaveIBeenPwned
What are some ls flags and what do they do?
-l = lists out long format
-a = lists out all files including hidden files
What does theharvester do and what CLI do you use?
It finds emails, subdomains and hostname IPs for the given domain name
theharvester -d tesla.com -l 500 -b google
What does bluto do and what CLI do you use?
It looks through HaveIBeenPwned information, does active DNS recon (zone transfers) and brute-force attacks
bluto
->target Domain: tesla.com
What website can you use to search for subdomains via certificates?
crt.sh
Should you scan TCP, UDP or both?
mostly TCP, but should do both
What types of applications use UDP? and why?
DNS, DHCP, SNMP. They don't need reliability, just a fast connection
What is the process of a TCP connection?
Three way handshake
SYN ->
<- SYN, ACK
ACK ->
How does stealth scanning work?
-> SYN
<- SYN ACK
-> RST
What does the -T4 flag do?
It sets the timing template (speed), T1 - T5, on nmap
How many ports are by default scanned using nmap?
Is the default number good or bad? Why?
‘Top 1000’
It's better to scan more than the default, as you may miss some ports with open connections
What does the -A flag enable in nmap scan?
It enables OS detection, version detection, script scanning and traceroute
It basically means ‘intense’
what does -p- flag do in nmap?
It makes the nmap scan all ports
Explain the concept of staging with nmap.
First, scan all ports to see which are open.
nmap -T4 -p- {IP Address}
THEN, scan the ports that are open more intensely.
nmap -T4 -p 53,404,80,111 {IP Address}
This avoids unnecessarily intensely scanning all unopened ports.
What kind of output does -oA give you with nmap?
normal, XML, s|<rIpt kIddi3, Grepable format
How would you check what rwx rights each file has?
use ls -l (or ls -la to include hidden files)
how do you change your password?
passwd
If you have a command in mind, but don't know exactly what it is, how can you figure it out using the CLI?
apropos copy
How do you find out who is logged into your system?
w or who
What does TTY mean and where can you find it?
TTY = teletype, and represents user sessions
You can find it using command w
How do you find the kernel version and name
uname -a
what does the uptime command do?
Tells you how long the machine has been up, the number of user sessions and the average load
How do you find every login and reboot that has happened on the system
last
How can you find the total storage left on the Linux system?
df -h (h = human-readable)
Imagine you need to connect to one of your machines, somewhere in the cloud. How would you go about connecting to that machine securely and getting a shell on it?
Is there a VPN to connect to first?
SSH is the standard tool to connect to a remote host
What does the SSH command look like?
How would you authenticate? password/key?
Don’t want root login enabled
What directory am I in?
pwd
How to write text into an existing file (overwriting its contents)?
echo "G'day" > file.txt
How to copy a file into another directory?
cp (unknown) {path}
i.e.
cp file.txt /test/putHere
How would you copy a file from the remote host to another remote host or the work laptop you are currently using?
rsync root@{IP address}:/root/myfile.txt ./
Say we are on a box that is running Ubuntu, how would you manage services on this box?
systemctl start nginx
systemctl status nginx
curl localhost (check access)
systemctl stop nginx
What is the difference between starting a service and enabling it?
Starting = just starts it for that session
Enabling = starts automatically upon each boot up
How would you see how much space each of the files in /var/log is taking up?
du -sh /var/log/*
How to find the IP address of the eth0 interface
ip addr show
What is your default route?
ip route show
What is an init system?
init is the first real process that the kernel starts
init is responsible for starting all of the services and units that you expect to have running
init is responsible for reparenting orphaned processes
What is a Linux user made of?
It is an entry in a few different text files: /etc/group, /etc/shadow, /etc/passwd
What is the shell?
A program that takes your commands and sends them to the operating system. It is launched by the terminal.
How do you create a file called myfile?
touch myfile
What command can you use to find the file type of a file?
file
How can you read the contents of two files, file1 and file2 combined together?
cat file1 file2
How do you quit out of a less command?
q
How do you copy myfile into another directory while making sure you are prompted if there is a file in that directory with the same name?
cp -i myfile /home/pictures
How do you copy over all files that have the extension .jpg into another directory?
cp *.jpg /home/pictures
How do you copy over a directory into another directory?
cp -r directorytoCopy /home/directorycopyto
How do you move two files into another directory?
mv file1 file2 /home/..
How do you rename a file or directory?
mv oldfile newfile
mv olddir newdir
How do you make a backup of a folder when moving it?
mv -b dire1 dire2
How do you make subdirectories when making a new directory?
mkdir -p books/hemmingway/favourites
How do you remove a file,
and how do you remove a directory?
rm file
rmdir directory
What protection level must a file have to stop it from being removed outright,
and how can you overcome the restriction?
Write-protected
you can overcome it by using the -f flag for force i.e.
rm -f file
How do you find a file in your home folder called puppies.jpg?
find /home -name puppies.jpg
How do you search for a folder called MyFolder in your home directory? You only want to search for directories. How can you do this?
find /home -type d -name MyFolder
What are the 4 main ways you can find information about a command?
pwd --help
help pwd
whatis
man
How do you set an alias for a command?
alias foobar='ls -la'
Note, this won't be saved after reboot
How do you exit from the shell?
exit
or
logout
How to append this text: "sample text" to a file named 'Mate.txt'?
echo "sample text" >> Mate.txt
How would you redirect an ls call to be printed into a text file?
ls /var/log > output.txt
How would you create an empty file?
> someFile.txt
or
touch someFile.txt
How would you read in from one file and write it into another new file?
cat file1.txt > file2.txt
What are streams?
I/O streams are things like stdin, stdout and stderr
They can be called using file descriptors:
0 = stdin
1 = stdout
2 = stderr
How would you send stderr to a file?
ls fake/directory 2> peanuts.txt
How would you direct both stdout and stderr to a file?
ls fake/directory &> peanuts.txt
How would you redirect stderr output to a special file that discards it?
ls fake/directory 2> /dev/null
How can you see all items in a directory AND stdout it into a file?
ls | tee peanuts.txt
How do you find the path to your home directory?
echo $HOME
How do you see your username?
echo $USER
Where do things like $HOME and $USER come from?
environment variables (env)
I have some text in a text file test.txt:
hello world; test
I want to cut out and present the part after ';'. How do I do it?
cut -f 2 -d ';' test.txt
How do you paste content?
paste -d ' ' -s sample2.txt
How do you display just the first, say, 20 lines of a file?
head -n 20 /var/log/syslog
What is the default number of lines shown by the head command?
10
How do you display just the last, say, 20 lines of a file?
tail -n 20 /var/log/syslog
What does the following command do?
$ tail -f /var/log/syslog
It follows the file such that you can see everything that is getting added to that file
How do you join two files by field?
The two files must be sorted on the join field, i.e.
1 Zac
2 Jack
3 Mack
Simunovic 1
Thackrey 2
James 3
Then do:
join -1 1 -2 2 text1.txt text2.txt
How do you sort text in a file?
How do you reverse sort?
How do you sort via numerical value?
sort file.txt
sort -r file.txt
sort -n file.txt
How do you translate from lower case to upper case?
echo hello | tr a-z A-Z
HELLO
How can you remove duplicates from a text file?
uniq text.txt
How do you get the number of occurrences of a line?
uniq -c text.txt