diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a2d3f87..86f023e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,8 @@ Contributing ============ If you would like to contribute cheetsheets or program functionality, please -fork this repository, make your changes, and submit a pull request. +fork this repository, make your changes, and submit a pull request against the +`master` branch. ## Python standards ## @@ -22,4 +23,7 @@ tar -cvf /path/to/foo.tar /path/to/foo/ tar -xzvf /path/to/foo.tgz ``` +If you are submitting a cheatsheet that contains side-by-side columns of text, +please align the columns using spaces rather than tabs. + [PEP 8]: http://legacy.python.org/dev/peps/pep-0008/ diff --git a/bin/cheat b/bin/cheat index a14e3a9..9213639 100755 --- a/bin/cheat +++ b/bin/cheat @@ -42,7 +42,7 @@ from docopt import docopt if __name__ == '__main__': # parse the command-line options - options = docopt(__doc__, version='cheat 2.2.0') + options = docopt(__doc__, version='cheat 2.2.3') # list directories if options['--directories']: diff --git a/cheat/cheatsheets/alias b/cheat/cheatsheets/alias new file mode 100644 index 0000000..9bd98c1 --- /dev/null +++ b/cheat/cheatsheets/alias @@ -0,0 +1,5 @@ +# Show a list of your current shell aliases +alias + +# Map `ll` to `ls -l` (Can be used per session or put inside a shell config file) +alias ll='ls -l' diff --git a/cheat/cheatsheets/cat b/cheat/cheatsheets/cat new file mode 100644 index 0000000..69a25d0 --- /dev/null +++ b/cheat/cheatsheets/cat @@ -0,0 +1,8 @@ +# Display the contents of a file +cat /path/to/foo + +# Display contents with line numbers +cat -n /path/to/foo + +# Display contents with line numbers (blank lines excluded) +cat -b /path/to/foo diff --git a/cheat/cheatsheets/cd b/cheat/cheatsheets/cd new file mode 100644 index 0000000..d07a168 --- /dev/null +++ b/cheat/cheatsheets/cd @@ -0,0 +1,11 @@ +#Go to the given directory +cd path/to/directory + +#Go to home directory of current user +cd + +#Go up to the parent of the current directory +cd .. + +#Go to the previously chosen directory +cd - diff --git a/cheat/cheatsheets/cp b/cheat/cheatsheets/cp new file mode 100644 index 0000000..7003e2c --- /dev/null +++ b/cheat/cheatsheets/cp @@ -0,0 +1,11 @@ +# Create a copy of a file +cp ~/Desktop/foo.txt ~/Downloads/foo.txt + +# Create a copy of a directory +cp -r ~/Desktop/cruise_pics/ ~/Pictures/ + +# Create a copy but ask to overwrite if the destination file already exists +cp -i ~/Desktop/foo.txt ~/Documents/foo.txt + +# Create a backup file with date +cp foo.txt{,."$(date +%Y%m%d-%H%M%S)"} diff --git a/cheat/cheatsheets/crontab b/cheat/cheatsheets/crontab index 01c75ed..6ddb6b6 100644 --- a/cheat/cheatsheets/crontab +++ b/cheat/cheatsheets/crontab @@ -16,7 +16,7 @@ SHELL=/bin/bash */15 * * * * /home/user/command.sh # every midnight -* 0 * * * /home/user/command.sh +0 0 * * * /home/user/command.sh # every Saturday at 8:05 AM 5 8 * * 6 /home/user/command.sh diff --git a/cheat/cheatsheets/cryptsetup b/cheat/cheatsheets/cryptsetup new file mode 100644 index 0000000..1f773a9 --- /dev/null +++ b/cheat/cheatsheets/cryptsetup @@ -0,0 +1,8 @@ +# open encrypted partition /dev/sdb1 (reachable at /dev/mapper/backup) +cryptsetup open --type luks /dev/sdb1 backup + +# open encrypted partition /dev/sdb1 using a keyfile (reachable at /dev/mapper/hdd) +cryptsetup open --type luks --key-file hdd.key /dev/sdb1 hdd + +# close luks container at /dev/mapper/hdd +cryptsetup close hdd diff --git a/cheat/cheatsheets/curl b/cheat/cheatsheets/curl index deae389..c8c281f 100644 --- a/cheat/cheatsheets/curl +++ b/cheat/cheatsheets/curl @@ -33,3 +33,9 @@ curl http://ifconfig.me/all/json # Limit the rate of a download curl --limit-rate 1000B -O http://path.to.the/file + +# Get your global IP +curl httpbin.org/ip + +# Get only the HTTP status code +curl -o /dev/null -w '%{http_code}\n' -s -I URL diff --git a/cheat/cheatsheets/dd b/cheat/cheatsheets/dd index a557e13..88d7f4a 100644 --- a/cheat/cheatsheets/dd +++ b/cheat/cheatsheets/dd @@ -1,7 +1,7 @@ # Read from {/dev/urandom} 2*512 Bytes and put it into {/tmp/test.txt} # Note: At the first iteration, we read 512 Bytes. # Note: At the second iteration, we read 512 Bytes. -dd if=/dev/urandom of=/tmp/test.txt count=512 bs=2 +dd if=/dev/urandom of=/tmp/test.txt count=2 bs=512 # Watch the progress of 'dd' dd if=/dev/zero of=/dev/null bs=4KB &; export dd_pid=`pgrep '^dd'`; while [[ -d /proc/$dd_pid ]]; do kill -USR1 $dd_pid && sleep 1 && clear; done diff --git a/cheat/cheatsheets/deb b/cheat/cheatsheets/deb index 7e4c761..f2e5d9d 100644 --- a/cheat/cheatsheets/deb +++ b/cheat/cheatsheets/deb @@ -1,3 +1,7 @@ # Extract contents of a .deb file $ ar vx foo.deb # -> data.tar.gz $ tar xf data.tar.gz + +# Install .deb file to a debian like system, e.g. ubuntu +$ sudo dpkg -i foo.deb +$ sudo apt-get install -f diff --git a/cheat/cheatsheets/emacs b/cheat/cheatsheets/emacs index 4201c0a..454d9b5 100644 --- a/cheat/cheatsheets/emacs +++ b/cheat/cheatsheets/emacs @@ -1,12 +1,19 @@ +# Running emacs + + GUI mode $ emacs + Terminal mode $ emacs -nw + # Basic usage Indent Select text then press TAB Cut CTRL-w Copy ALT-w Paste ("yank") CTRL-y + Begin selection CTRL-SPACE Search/Find CTRL-s Replace ALT-% (ALT-SHIFT-5) Save CTRL-x CTRL-s + Save as CTRL-x CTRL-w Load/Open CTRL-x CTRL-f Undo CTRL-x u Highlight all text CTRL-x h @@ -15,7 +22,7 @@ Font size bigger CTRL-x CTRL-+ Font size smaller CTRL-x CTRL-- -# Buffers +# Buffers Split screen vertically CTRL-x 2 Split screen vertically with 5 row height CTRL-u 5 CTRL-x 2 @@ -23,11 +30,21 @@ Split screen horizontally with 24 column width CTRL-u 24 CTRL-x 3 Revert to single screen CTRL-x 1 Hide the current screen CTRL-x 0 - Kill the current screen CTRL-x k - Move to the next buffer CTRL-x O + Move to the next screen CTRL-x o + Kill the current buffer CTRL-x k Select a buffer CTRL-x b Run command in the scratch buffer CTRL-x CTRL-e +# Navigation ( backward / forward ) + + Character-wise CTRL-b , CTRL-f + Word-wise ALT-b , ALT-f + Line-wise CTRL-p , CTRL-n + Sentence-wise ALT-a , ALT-e + Paragraph-wise ALT-{ , ALT-} + Function-wise CTRL-ALT-a , CTRL-ALT-e + Line beginning / end CTRL-a , CTRL-e + # Other stuff Open a shell ALT-x eshell diff --git a/cheat/cheatsheets/export b/cheat/cheatsheets/export new file mode 100644 index 0000000..14d3d71 --- /dev/null +++ b/cheat/cheatsheets/export @@ -0,0 +1,5 @@ +# Calling export with no arguments will show current shell attributes +export + +# Create new environment variable +export VARNAME="value" diff --git a/cheat/cheatsheets/find b/cheat/cheatsheets/find index 42e886a..d1f0693 100644 --- a/cheat/cheatsheets/find +++ b/cheat/cheatsheets/find @@ -19,11 +19,11 @@ find ./path/ -name '*.txt' -exec rm '{}' \; # To find files with extension '.txt' and look for a string into them: find ./path/ -name '*.txt' | xargs grep 'string' -# To find files with size bigger than 5 Mb and sort them by size: +# To find files with size bigger than 5 Mebibyte and sort them by size: find . -size +5M -type f -print0 | xargs -0 ls -Ssh | sort -z -# To find files bigger thank 2 MB and list them: -find . -type f -size +20000k -exec ls -lh {} \; | awk '{ print $9 ": " $5 }' +# To find files bigger than 2 Megabyte and list them: +find . -type f -size +200000000c -exec ls -lh {} \; | awk '{ print $9 ": " $5 }' # To find files modified more than 7 days ago and list file information find . -type f -mtime +7d -ls diff --git a/cheat/cheatsheets/for b/cheat/cheatsheets/for index 2ca31ff..34902b5 100644 --- a/cheat/cheatsheets/for +++ b/cheat/cheatsheets/for @@ -10,8 +10,26 @@ do echo $var done +# loop over all the JPG files in the current directory +for jpg_file in *.jpg +do + echo $jpg_file +done + # loop specified number of times for i in `seq 1 10` do echo $i done + +# loop specified number of times: the C/C++ style +for ((i=1;i<=10;++i)) +do + echo $i +done + +# loop specified number of times: the brace expansion +for i in {1..10} +do + echo $i +done diff --git a/cheat/cheatsheets/gyb b/cheat/cheatsheets/gyb new file mode 100644 index 0000000..2fe9f8a --- /dev/null +++ b/cheat/cheatsheets/gyb @@ -0,0 +1,12 @@ +# To estimate the number and the size of all mails on youremail@gmail.com +gyb --email youremail@gmail.com --action estimate + +# To backup from youremail@gmail.com to your local-folder +gyb --email youremail@gmail.com --action backup --local-folder "~/MyLocalFolder/" + +# To backup from youremail@gmail.com only important or starred emails to the +# default local folder GYB-GMail-Backup-youremail@gmail.com +gyb --email youremail@gmail.com --search "is:important OR is:starred" + +# To restore from your local-folder to youremail@gmail.com +gyb --email youremail@gmail.com --action restore --local-folder "~/MyLocalFolder/" diff --git a/cheat/cheatsheets/iconv b/cheat/cheatsheets/iconv new file mode 100644 index 0000000..7b20584 --- /dev/null +++ b/cheat/cheatsheets/iconv @@ -0,0 +1,3 @@ +# To convert file (iconv.src) from iso-8859-1 to utf-8 and save to +# /tmp/iconv.out +iconv -f iso-8859-1 -t utf-8 iconv.src -o /tmp/iconv.out diff --git a/cheat/cheatsheets/kill b/cheat/cheatsheets/kill new file mode 100644 index 0000000..d80510e --- /dev/null +++ b/cheat/cheatsheets/kill @@ -0,0 +1,5 @@ +# Kill a process gracefully +kill -15 + +# Kill a process forcefully +kill -9 diff --git a/cheat/cheatsheets/lsblk b/cheat/cheatsheets/lsblk new file mode 100644 index 0000000..b40fe86 --- /dev/null +++ b/cheat/cheatsheets/lsblk @@ -0,0 +1,21 @@ +# Show all available block devices along with their partitioning schemes +lsblk + +# To show SCSI devices: +lsblk --scsi + +# To show a specific device +lsblk /dev/sda + +# To verify TRIM support: +# Check the values of DISC-GRAN (discard granularity) and DISC-MAX (discard max bytes) columns. +# Non-zero values indicate TRIM support +lsblk --discard + +# To featch info about filesystems: +lsblk --fs + +# For JSON, LIST or TREE output formats use the following flags: +lsblk --json +lsblk --list +lsblk --tree # default view diff --git a/cheat/cheatsheets/markdown b/cheat/cheatsheets/markdown index 917fcf1..7f178e3 100644 --- a/cheat/cheatsheets/markdown +++ b/cheat/cheatsheets/markdown @@ -38,7 +38,7 @@ This is [an example](http://example.com "Title") inline link. # image ![Alt Text](/path/to/file.png) -# emphasis +# formatting *em* _em_ - **strong** __strong__ +~~strikethrough~~ diff --git a/cheat/cheatsheets/mutt b/cheat/cheatsheets/mutt new file mode 100644 index 0000000..9b8b8a8 --- /dev/null +++ b/cheat/cheatsheets/mutt @@ -0,0 +1,22 @@ +# Create new mailbox in IMAP + + When located in mailbox list (c) + shift + C + +# Move multiple messages to folder (bulk operations) + + 1. Select/tag them with alt+'t' + 2. ;s in mail inbox overview for bulk operation + +# Deleting / Undeleting all messages in mutt + + 1. In mutt’s index, hit ‘D’ (UPPERCASE D) + 2. It will prompt you with “Delete messages matching: “ + + + enter this string: + + ~A + + 3. It should mark all for deletion! + + + 4. Conversely, you can do the same thing with UPPERCASE U to undelete multiple messages. diff --git a/cheat/cheatsheets/mv b/cheat/cheatsheets/mv new file mode 100644 index 0000000..5a79545 --- /dev/null +++ b/cheat/cheatsheets/mv @@ -0,0 +1,17 @@ +# Move a file from one place to another +mv ~/Desktop/foo.txt ~/Documents/foo.txt + +# Move a file from one place to another and automatically overwrite if the destination file exists +# (This will override any previous -i or -n args) +mv -f ~/Desktop/foo.txt ~/Documents/foo.txt + +# Move a file from one place to another but ask before overwriting an existing file +# (This will override any previous -f or -n args) +mv -i ~/Desktop/foo.txt ~/Documents/foo.txt + +# Move a file from one place to another but never overwrite anything +# (This will override any previous -f or -i args) +mv -n ~/Desktop/foo.txt ~/Documents/foo.txt + +# Move listed files to a directory +mv -t ~/Desktop/ file1 file2 file3 diff --git a/cheat/cheatsheets/mysql b/cheat/cheatsheets/mysql index 9ad46d9..3ef2a2c 100644 --- a/cheat/cheatsheets/mysql +++ b/cheat/cheatsheets/mysql @@ -28,4 +28,10 @@ INSERT INTO tbl_name (col1,col2) VALUES(15,col1*2); UPDATE tbl_name SET col1 = "example"; # Basic DELETE Statement -DELETE FROM tbl_name WHERE user = 'jcole'; \ No newline at end of file +DELETE FROM tbl_name WHERE user = 'jcole'; + +# To check stored procedure +SHOW PROCEDURE STATUS; + +# To check stored function +SHOW FUNCTION STATUS; diff --git a/cheat/cheatsheets/nmcli b/cheat/cheatsheets/nmcli index 3623470..9fd94ce 100644 --- a/cheat/cheatsheets/nmcli +++ b/cheat/cheatsheets/nmcli @@ -34,7 +34,10 @@ nmcli dev status # Add a dynamic ethernet connection - parameters: # -- the name of the connection # -- the name of the interface -ncmli con add type ethernet con-name ifname +nmcli con add type ethernet con-name ifname + +# Import OpenVPN connection settings from file: +nmcli con import type openvpn file # Bring up the ethernet connection nmcli con up diff --git a/cheat/cheatsheets/openssl b/cheat/cheatsheets/openssl index 9254c1c..3d97e5b 100644 --- a/cheat/cheatsheets/openssl +++ b/cheat/cheatsheets/openssl @@ -15,6 +15,9 @@ openssl req -text -noout -in server.csr # To show certificate information for generated certificate openssl x509 -text -noout -in server.crt +# To get the sha256 fingerprint of a certificate +openssl x509 -in server.crt -noout -sha256 -fingerprint + # To view certificate expiration: echo | openssl s_client -connect :443 2> /dev/null | \ awk '/-----BEGIN/,/END CERTIFICATE-----/' | \ diff --git a/cheat/cheatsheets/perl b/cheat/cheatsheets/perl new file mode 100644 index 0000000..bd7edc7 --- /dev/null +++ b/cheat/cheatsheets/perl @@ -0,0 +1,8 @@ +# To view the perl version: +perl -v + +# Replace string "\n" to newline +echo -e "foo\nbar\nbaz" | perl -pe 's/\n/\\n/g;' + +# Replace newline with multiple line to space +cat test.txt | perl -0pe "s/test1\ntest2/test1 test2/m" diff --git a/cheat/cheatsheets/pgrep b/cheat/cheatsheets/pgrep new file mode 100644 index 0000000..853f758 --- /dev/null +++ b/cheat/cheatsheets/pgrep @@ -0,0 +1,5 @@ +# Get a list of PIDs matching the pattern +pgrep example + +# Kill all PIDs matching the pattern +pgrep -f example | xargs kill diff --git a/cheat/cheatsheets/pip b/cheat/cheatsheets/pip index e5b5009..a4a4dfb 100644 --- a/cheat/cheatsheets/pip +++ b/cheat/cheatsheets/pip @@ -23,5 +23,8 @@ pip list --outdated # Upgrade all outdated packages, thanks to http://stackoverflow.com/a/3452888 pip freeze --local | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U +# Upgrade outdated packages on latest version of pip +pip list --outdated --format=freeze | cut -d = -f 1 | xargs -n1 pip install -U + # Install specific version of a package pip install -I SomePackage1==1.1.0 'SomePackage2>=1.0.4' diff --git a/cheat/cheatsheets/pkill b/cheat/cheatsheets/pkill new file mode 100644 index 0000000..f24a03f --- /dev/null +++ b/cheat/cheatsheets/pkill @@ -0,0 +1,5 @@ +# To kill a process using it's full process name +pkill + +# To kill a process by it's partial name +pkill -f diff --git a/cheat/cheatsheets/psql b/cheat/cheatsheets/psql new file mode 100644 index 0000000..89a545a --- /dev/null +++ b/cheat/cheatsheets/psql @@ -0,0 +1,26 @@ +# psql is the PostgreSQL terminal interface. The following commands were tested on version 9.5. +# Connection options: +# -U username (if not specified current OS user is used). +# -p port. +# -h server hostname/address. + +# Connect to a specific database: +psql -U postgres -h serverAddress -d dbName + +# Get databases on a server: +psql -U postgres -h serverAddress --list + +# Execute sql query and save output to file: +psql -U postgres -d dbName -c 'select * from tableName;' -o fileName + +# Execute query and get tabular html output: +psql -U postgres -d dbName -H -c 'select * from tableName;' + +# Execute query and save resulting rows to csv file: +psql -U postgres -d dbName -t -A -P fieldsep=',' -c 'select * from tableName;' -o fileName.csv + +# Read commands from file: +psql -f fileName + +# Restore databases from file: +psql -f fileName.backup postgres diff --git a/cheat/cheatsheets/pwd b/cheat/cheatsheets/pwd new file mode 100644 index 0000000..f672c88 --- /dev/null +++ b/cheat/cheatsheets/pwd @@ -0,0 +1,2 @@ +# Show the absolute path of your current working directory on the filesystem +pwd diff --git a/cheat/cheatsheets/r2 b/cheat/cheatsheets/r2 new file mode 100644 index 0000000..402a916 --- /dev/null +++ b/cheat/cheatsheets/r2 @@ -0,0 +1,936 @@ +# Command Line options + -L: List of supported IO plugins + + -q: Exit after processing commands + + -w: Write mode enabled + + -i: Interprets a r2 script + + -A: Analize executable at load time (xrefs, etc) + + -n: Bare load. Do not load executable info as the entrypoint + + -c'cmds': Run r2 and execute commands (eg: r2 -wqc'wx 3c @ main') + + -p: Creates a project for the file being analyzed (CC add a comment when opening a file as a project) + + -: Opens r2 with the malloc plugin that gives a 512 bytes memory area to play with (size can be changed); Similar to r2 malloc://512 + +----------------------------------------------------------------------------------------------------------------------------- + +# Configuration properties + e: Returs configuration properties + + e : Checks a specific property: + e asm.tabs => false + + e =: Change property value + e asm.arch=ppc + + e? help about a configuration property + e? cmd.stack + + + + # Show comments at right of disassembly if they fit in screen + e asm.cmtright=true + + # Shows pseudocode in disassembly. Eg mov eax, str.ok = > eax = str.ok + e asm.pseudo = true + + # Display stack and register values on top of disasembly view (visual mode) + e cmd.stack = true + + # Solarized theme + eco solarized + + # Use UTF-8 to show cool arrows that do not look like crap :) + e scr.utf8 = true + +----------------------------------------------------------------------------------------------------------------------------- + +# Basic Commands + + ; Command chaining: x 3;s+3;pi 3;s+3;pxo 4; + + | Pipe with shell commands: pd | less + + ! Run shell commands: !cat /etc/passwd + + !! Escapes to shell, run command and pass output to radare buffer + + Note: The double exclamation mark tells radare to skip the plugin list to find an IO plugin handling this + command to launch it directly to the shell. A single one will walk through the io plugin list. + + ` Radare commands: wx `!ragg2 -i exec` + + ~ grep + + ~! grep -v + + ~[n] grep by columns afl~[0] + + ~:n grep by rows afl~:0 + + ~.. less/more mode + + +------------------------------------------------------------------- + + pi~mov,eax ; lines with mov or eax + pi~mov&eax ; lines with mov and eax + pi~mov,eax:6 ; 6 first lines with mov or eax + pd 20~call[0]:0 ; grep first column of the first row matching 'call' + + +------------------------------------------------------------------- + + .cmd Interprets command output + + +------------------------------------------------------------------- + + is* prints symbolos + .is* interprets output and define the symbols in radare (normally they are already loaded if r2 was not invoked with -n) + + +------------------------------------------------------------------- + + .. repeats last commands (same as enter \n) + + ( Used to define and run macros + + $ Used to define alias + + $$: Resolves to current address + + Offsets (@) are absolute, we can use $$ for relative ones @ $$+4 + + ? Evaluate expression + +------------------------------------------------------------------- + + [0x00000000]> ? 33 +2 + 35 0x23 043 0000:0023 35 00100011 35.0 0.000000 + Note: | and & need to be escaped + + +------------------------------------------------------------------- + + ?$? Help for variables used in expressions + + $$: Here + + $s: File size + + $b: Block size + + $l: Opcode length + + $j: When $$ is at a jmp, $j is the address where we are going to jump to + + $f: Same for jmp fail address + + $m: Opcode memory reference (e.g. mov eax,[0x10] => 0x10) + + ??? Help for ? command + + ?i Takes input from stdin. Eg ?i username + + ?? Result from previous operations + + ?s from to [step]: Generates sequence from to every + + ?p: Get physical address for given virtual address + + ?P: Get virtual address for given physical one + + ?v Show hex value of math expr + + +------------------------------------------------------------------- + + ?v 0x1625d4ca ^ 0x72ca4247 = 0x64ef968d + ?v 0x4141414a - 0x41414140 = 0xa + + +------------------------------------------------------------------- + + ?l str: Returns the length of string + + @@: Used for iteractions + + +------------------------------------------------------------------- + + wx ff @@10 20 30 Writes ff at offsets 10, 20 and 30 + wx ff @@`?s 1 10 2` Writes ff at offsets 1, 2 and 3 + wx 90 @@ sym.* Writes a nop on every symbol + + +------------------------------------------------------------------- + +# Positioning + + s address: Move cursor to address or symbol + + s-5 (5 bytes backwards) + + s- undo seek + + s+ redo seek + +# Block Size + + b size: Change block size + +# Analyze + + aa: Analyze all (fcns + bbs) same that running r2 with -A + + ahl : fake opcode length for a range of bytes + + ad: Analyze data + + ad@rsp (analize the stack) + + + Normal mode + + af: Analyze functions + + afl: List all functions + number of functions: afl~? + + afi: Returns information about the functions we are currently at + + afr: Rename function: structure and flag + + afr off: Restore function name set by r2 + + afn: Rename function + + afn strlen 0x080483f0 + + af-: Removes metadata generated by the function analysis + + af+: Define a function manually given the start address and length + af+ 0xd6f 403 checker_loop + + axt: Returns cross references to (xref to) + + axf: Returns cross references from (xref from) + + + Visual mode + + d, f: Function analysis + + d, u: Remove metadata generated by function analysis + + + Opcode analysis + + ao x: Analize x opcodes from current offset + + a8 bytes: Analize the instruction represented by specified bytes + +# Information + + iI: File info + + iz: Strings in data section + + izz: Strings in the whole binary + + iS: Sections + iS~w returns writable sections + + is: Symbols + is~FUNC exports + + il: Linked libraries + + ii: Imports + + ie: Entrypoint + + + Mitigations + + i~pic : check if the binary has position-independent-code + + i~nx : check if the binary has non-executable stack + + i~canary : check if the binary has canaries + +# Print + + psz n @ offset: Print n zero terminated String + + px n @ offset: Print hexdump (or just x) of n bytes + + pxw n @ offset: Print hexdump of n words + pxw size@offset prints hexadecimal words at address + + pd n @ offset: Print n opcodes disassambled + + pD n @ offset: Print n bytes disassembled + + pi n @ offset: Print n instructions disassambeled (no address, XREFs, etc. just instrunctions) + + pdf @ offset: Print disassembled function + pdf~XREF (grep: XREFs) + pdf~call (grep: calls) + + pcp n @ offset: Print n bytes in python string output. + pcp 0x20@0x8048550 + import struct + buf = struct.pack ("32B", + 0x55,0x89,0xe5,0x83,0xzz,0xzz,0xzz,0xzz,0xf0,0x00,0x00, + 0x00,0x00,0xc7,0x45,0xf4,0x00,0x00,0x00,0x00,0xeb,0x20, + 0xc7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xzz,0xzz) + + p8 n @ offset: Print n bytes (8bits) (no hexdump) + + pv: Print file contents as IDA bar and shows metadata for each byte (flags , ...) + + pt: Interpret data as dates + + pf: Print with format + + pf.: list all formats + + p=: Print entropy ascii graph + +# Write + + wx: Write hex values in current offset + wx 123456 + wx ff @ 4 + + wa: Write assembly + wa jnz 0x400d24 + + wc: Write cache commit + + wv: Writes value doing endian conversion and padding to byte + + wo[x]: Write result of operation + wow 11223344 @102!10 + write looped value from 102 to 102+10 + 0x00000066 1122 3344 1122 3344 1122 0000 0000 0000 + + wox 0x90 + XOR the current block with 0x90. Equivalent to wox 0x90 $$!$b (write from current position, a whole block) + + wox 67 @4!10 + XOR from offset 4 to 10 with value 67 + + wf file: Writes the content of the file at the current address or specified offset (ASCII characters only) + + wF file: Writes the content of the file at the current address or specified offset + + wt file [sz]: Write to file (from current seek, blocksize or sz bytes) + Eg: Dump ELF files with wt @@ hit0* (after searching for ELF headers: \x7fELF) + + woO 41424344 : get the index in the De Bruijn Pattern of the given word + +# Flags + + f: List flags + + f label @ offset: Define a flag `label` at offset + f str.pass_len @ 0x804999c + + f -label: Removes flag + + fr: Rename flag + + fd: Returns position from nearest flag (looking backwards). Eg => entry+21 + + fs: Show all flag spaces + + fs flagspace: Change to the specified flag space + + fe loop and create numbered flags: + + 1. fs demo_flagspace + 2. fe demo_flagspace @@=`pdf~jne[1]` + +# Yank & Paste + + y n: Copies n bytes from current position + + y: Shows yank buffer contentent with address and length where each entry was copied from + + yp: Prints yank buffer + + yy offset: Paste the contents of the yank buffer at the specified offset + + yt n target @ source: Yank to. Copy n bytes fromsource to target address + +# Visual Mode + + q: Exits visual mode + + hjkl: move around (or HJKL) (left-down-up-right) + + o: go/seek to given offset + + ?: Help + + .: Seek EIP + + : Follow address of the current jump/call + + :cmd: Enter radare commands. Eg: x @ esi + + d[f?]: Define cursor as a string, data, code, a function, or simply to undefine it. + dr: Rename a function + df: Define a function + + v: Get into the visual code analysis menu to edit/look closely at the current function. + + p/P: Rotate print (visualization) modes + hex, the hexadecimal view + disasm, the disassembly listing + Use numbers in [] to follow jump + Use "u" to go back + + debug, the debugger + words, the word-hexidecimal view + buf, the C-formatted buffer + annotated, the annotated hexdump. + + c: Changes to cursor mode or exits the cursor mode + select: Shift+[hjkl] + i: Insert mode + a: assembly inline + A: Assembly in visual mode + y: Copy + Y: Paste + f: Creates a flag where cursor points to + in the hexdump view to toggle between hex and strings columns + + V: View ascii-art basic block graph of current function + + W: WebUI + + x, X: XREFs to current function. ("u" to go back) + + t: track flags (browse symbols, functions..) + + gG: Begging or end of file + + HUD + _ Show HUD + backspace: Exits HUD + We can add new commands to HUD in: radare2/shlr/hud/main + + ;[-]cmt: Add/remove comment + + m: Define a bookmark + + ': Go to previously defined bookmark + +# ROP + + /R opcodes: Search opcodes + + /R pop,pop,ret + + /Rl opcodes: Search opcodes and print them in linear way + + /Rl jmp eax,call ebx + + /a: Search assembly + + /a jmp eax + + pda: Returns a library of gadgets that can be use. These gadgets are obtained by disassmbling byte per byte instead of obeying to opcode leng + + e search.roplen = 4 (change the depth of the search, to speed-up the hunt) + +# Searching + + / bytes: Search bytes + \x7fELF + + +------------------------------------------------------------------- + + push ebp + mov ebp, esp + + Opcodes: 5589e5 + + /x 5589e5 + [# ]hits: 54c0f4 < 0x0804c600 hits = 1 + 0x08049f70 hit0_0 5589e557565383e4f081ec + 0x0804c31a hit0_1 5589e583ec18c704246031 + 0x0804c353 hit0_2 5589e583ec1889442404c7 + 0x0804c379 hit0_3 5589e583ec08e87cffffff + 0x0804c3a2 hit0_4 5589e583ec18c70424302d + + pi 5 @@hit* (Print 5 first instructions of every hit) + + +------------------------------------------------------------------- + + Its possible to run a command for each hit. Use the cmd.hit property: + + e cmd.hit=px + +# Comments and defines + + Cd [size]: Define as data + + C- [size]: Define as code + + Cs [size]: Define as String + + Cf [size]: Define as struct + We can define structures to be shown in the disassmbly + + CC: List all comments or add a new comment in console mode + C* Show all comments/metadata + CC add new comment + CC- remove comment + +# Magic files + + pm: Print Magic files analysis + [0x00000000]> pm + 0x00000000 1 ELF 32-bit LSB executable, Intel 80386, version 1 + + /m [magicfile]: Search magic number headers with libmagic + + search.align + search.from (0 = beginning) + search.to (0 = end) + search.asmstr + search.in + +# Yara + + :yara scan + +# Zignatures + + zg : Generate signatures + eg: zg go go.z + + Run the generated script to load signatures + eg: . go.z + + z: To show signatures loaded: + + +------------------------------------------------------------------- + + r2-(pid2)> pd 35 @ 0x08049adb-10 + | 0x08049adb call fcn.0805b030 + | fcn.0805b030(unk, unk, unk, unk) ; sign.sign.b.sym.fmt.Println + | 0x08049ae0 add esp, 0xc + | 0x08049ae3 call fcn.08095580 + + +------------------------------------------------------------------- + +# Compare Files + + r2 -m 0xf0000 /etc/fstab ; Open source file + + o /etc/issue ; Open file2 at offset 0 + + o ; List both files + + cc offset: Diff by columns between current offset address and "offset" + +# Graphs + + + Basic block graphs + + af: Load function metadata + + ag $$ > a.dot: Dump basic block graph to file + + ag $$ | xdot: Show current function basic block graph + + + Call graphs + + af: Load function metadata + + agc $$ > b.dot: Dump basic block graph to file + + + Convert .dot in .png + + dot -Tpng -o /tmp/b.png b.dot + + + Generate graph for file + + radiff2 -g main crackme.bin crackme.bin > /tmp/a + xdot /tmp/a + +# Debugger + + + Start r2 in debugger mode. r2 will fork and attach + + r2 -d [pid|cmd|ptrace] (if command contains spaces use quotes: r2 -d "ls /") + + ptrace://pid (debug backend does not notice, only access to mapped memory) + + + Pass arguments + + r2 -d rarun2 program=pwn1 arg1=$(python exploit.py) + + + Pass stdin + + r2 -d rarun2 program=/bin/ls stdin=$(python exploit.py) + + + Commands + + do: Reopen program + + dp: Shows debugged process, child processes and threads + + dc: Continue + + dcu
: Continue until symbol (sets bp in address, continua until bp and remove bp) + + dc[sfcp]: Continue until syscall(eg: write), fork, call, program address (To exit a library) + + ds: Step in + + dso: Step out + + dss: Skip instruction + + dr register=value: Change register value + + dr(=)?: Show register values + + db address: Sets a breakpoint at address + db sym.main add breakpoint into sym.main + db 0x804800 add breakpoint + db -0x804800 remove breakpoint + + dsi (conditional step): Eg: "dsi eax==3,ecx>0" + + dbt: Shows backtrace + + drr: Display in colors and words all the refs from registers or memory + + dm: Shows memory map (* indicates current section) + [0xb776c110]> dm + sys 0x08048000 - 0x08062000 s r-x /usr/bin/ls + sys 0x08062000 - 0x08064000 s rw- /usr/bin/ls + sys 0xb776a000 - 0xb776b000 s r-x [vdso] + sys 0xb776b000 * 0xb778b000 s r-x /usr/lib/ld-2.17.so + sys 0xb778b000 - 0xb778d000 s rw- /usr/lib/ld-2.17.so + sys 0xbfe5d000 - 0xbfe7e000 s rw- [stack] + + + To follow child processes in forks (set-follow-fork-mode in gdb) + + dcf until a fork happen then use dp to select what process you want to debug. + + + PEDA like details + + drr;pd 10@-10;pxr 40@esp + + + Debug in visual mode + + toggl breakpoints with F2 + single-step with F7 (s) + step-over with F8 (S) + continue with F9 + +# WebGUI + + =h: Start the server + =H: Start server and browser + +# rax2 - Base Conversion + + -e: Change endian + + -k: random ASCII art to represent a number/hash. Similar to how SSH represents keys + + -s: ASCII to hex + rax2 -S hola (from string to hex) + rax2 -s 686f6c61 (from hex to string) + + -S: binary to hex (for files) + + -N: pack an integer + rax2 -N 0x1234 # \x34\x12\x00\x00 + +# rahash2 - Entropy, hashes and checksums + + -a: Specify the algorithm + + -b XXX: Block size + + -B: Print all blocks + + -a entropy: Show file entropy or entropy per block (-B -b 512 -a entropy) + + + Rot13 with rahash2 + rahash2 -E rot -S s:13 -s ‘Hello\n’ + +# radiff2 - File diffing + + -s: Calculate text distance from two files. + + -d: Delta diffing (For files with different sizes. Its not byte per byte) + + -C: Code diffing (instead of data) + + +------------------------------------------------------------------- + + Diff original and patched on x86_32, using graphdiff algorithm + radiff2 -a x86 -b32 -C original patched + + Show differences between original and patched on x86_32 + radiff2 -a x86 -b32 original patched : + + +------------------------------------------------------------------- + +# rasm2 - Assembly/Disasembly + + -L: Supported architectures + + -a arch instruction: Sets architecture + rasm2 -a x86 'mov eax,30' => b81e000000 + + -b tam: Sets block size + + -d: Disassembly + rasm2 -d b81e000000 => mov eax, 0x1e + + -C: Assembly in C output + rasm2 -C 'mov eax,30' => "\xb8\x1e\x00\x00\x00" + + -D: Disassemble showing hexpair and opcode + rasm2 -D b81e0000 => 0x00000000 5 b81e000000 mov eax, 0x1e + + -f: Read data from file instead of ARG. + + -t: Write data to file + + + Disassemble shellcode from hex stdin + + +------------------------------------------------------------------- + + echo -n "31c048bbd19d9691d08c97ff48f7db53545f995257545eb03b0f05" | rasm2 -a x86 -b 64 -d - + xor eax, eax + movabs rbx, 0xff978cd091969dd1 + neg rbx + push rbx + push rsp + pop rdi + cdq + push rdx + push rdi + push rsp + pop rsi + mov al, 0x3b + syscall + + +------------------------------------------------------------------- + +# rafind2 - Search + + -Z: Look for Zero terminated strings + + -s str: Look for specifc string + + -X: Hex dump around output + + + Search "/bin/sh" in libc + + rafind2 -X -s "/bin/sh" /usr/lib/libc.so.6 + +# ragg2 - Shellcode generator, C/opcode compiler + + P: Generate De Bruijn patterns + ragg2 -P 300 -r + + -a arch: Configure architecture + + -b bits: Specify architecture bits (32/64) + + -i shellcode: Specify shellcode to generate + + -e encoder: Specify encoder + + + ragg2-cc: Generate shellcode from c + + + Generate a x86, 32 bits exec shellcode + ragg2 -a x86 -b 32 -i exec + +# rabin2 - Executable analysis: symbols, imports, strings + + -I: Executable information + + -C: Returns classes. Useful to list Java Classes + + -l: Dynamic linked libraries + + -s: Symbols + + -z: Strings + +# rarun2 - Launcher to run programs with different environments, args, stdin, permissions, fds + + r2 -b 32 -d rarun2 program=pwn1 arg1=$(ragg2 -P 300 -r) : runs pwn1 with a De Bruijn Pattern as first argument, inside radare2's debugger, and force 32 bits + r2 -d rarun2 program=/bin/ls stdin=$(python exploit.py) : runs /bin/ls with the output of exploit.py directed to stdin + +# ESIL emulation + + 1) aei: Initialize ESIL VM + + 2) aeim: Assign ESIL stack + aeim 0xffffd000 0x1000 stack + + 3) aeip: Program counter to current seek + + 4) e io.cache=true: Enable caching read/write of virtual memory (Important if self modifying code) + + 5) aes: Single stepping in emulation mode + + + Toggle IL representation via O in Visual Mode + +# ESIL Linear emulation + + Find all references to curr. address using linear esil emulation on all imports. + + /re$$@@ sym.imp.* + +# ESIL IL Representation + + op esil + ------------ + mov = + mul * + div / + and & + neg ! + read [] + if ?{ + add + + sub - + xor ^ + or | + cmp == + write =[] + + + prefix is % + + carry from bit x -> %cx + + borrow from bit x -> %bx + + zero-flag -> %z + + parity of dst -> %p + + sign-flag -> %s + + overflow-flag -> %o + + + BREAK - Stop parsing and emulate next instruction + + LOOP - restart emulation of instruction + + GOTO n - jump to n + + TODO - stop emulation and eprintf("TDOD %s", ins) + + x86 ESIL + ------------------------------------------------------ + mov eax, ebx ebx,eax,= + jz 0xaabbccdd zf,?{,0xaabbccdd,eip,=,} + cmp ecx,edx edx,ecx,==,%z,zf,=,%b32,cf,=,%p,pf,=,%s,sf,= + push ebp 4,esp,-=ebp,esp,=[4] + + + ESIL Doc + https://github.com/radare/radare2book/blob/master/esil.md + +# r2pipe commands + + + Invoke r2pipe script via r2 cmdline + + [0x00000000]> #!pipe node script.js + [0x00000000]> #!pipe python script.py + + + Good collection: + https://radare.org/get/r2pipe-nn2015.pdf + https://github.com/jpenalbae/r2-scripts +# Parsing ELF + + !!! open with r2 -nn + + + Parse 9 program headers (elf_phdr) from curr. seek plus offset 0x40 with temporary block size 0x200 in less mode (~..) + + [0x00000000]> pf 9? (elf_phdr)phdr @ $$+0x40!0x200~.. + +# pf Templates + + + Generate templates for structs/enums with td command + + "td enum elf_class {ELFCLASSNONE=0, ELFCLASS32=1, ELFCLASS64=2};" + + https://github.com/Maijin/r2-pf-templates/ + + + Cast data @ to and print it + + tp =
+ +# r2scapy + + r2 -i r2scapy.py dump.bin + [0x00000000]> scapy DNS 0x81de3c 48 + DNS(aa=1L, qr=1L, an=DNSRR(rclass=32769, ttl=120, rrname='flashair.local.', rdata='192.168.0.1', type=1), ad=0L, nscount=0, qdcount=1, ns=None, tc=0L, rd=1L, arcount=0, ar=None, opcode=0L, ra=0L, cd=0L, z=0L, rcode=0L, id=0, ancount=1, qd=DNSQR(qclass=32769, qtype=255, qname='flashair.local.')) + + + generate packets with scapy + >>> from scapy.all import * + >>> sr1(IP(dst="8.8.8.8")/UDP(dport=53)/DNS(rd=1,qd=DNSQR(qname="www.thepacketgeek.com")),verbose=0) + +# r2m2 -Miasm Intermediate Representation Plugin + + + Assemble and disassemble MIPS32 using rasm2 + + r2m2$ export R2M2_ARCH=mips32l; rasm2 -a r2m2 'addiu a0, a1, 2' |rasm2 -a r2m2 -d - + ADDIU A0, A1, 0x2 + + + Disassemble random MSP430 instructions in r2 + + r2m2$ R2M2_ARCH=msp430 r2 -a r2m2 -qc 'woR; pd 5' - + 0x00000000 07fa and.w R10, R7 + 0x00000002 47ad dadd.b R13, R7 + 0x00000004 f05e0778 add.b @R14+, 0x7807(PC) + 0x00000008 f46d81ed addc.b @R13+, 0xED81(R4) + 0x0000000c 3fdc bis.w @R12+, R15 + + Assemble MIPS32 using rasm2 and display the call graph using r2 + + r2m2$ R2M2_ARCH=mips32b rasm2 -a r2m2 'j 0x4; nop' -B > j_nop.bin + + r2m2$ R2M2_ARCH=mips32b r2 -a r2m2 -qc 'pd 2' j_nop.bin + ,=< 0x00000000 0c000001 JAL 0x4 + `-> 0x00000004 00000000 NOP + +# bin carving with r2 + + + Open raw dump + + r2 -n dump.bin + + + Searching for magic + + [0x00000000]> / \x7fELF + Searching 4 bytes from 0x00000000 to 0x0000002d: 7f 45 4c 46 + 0x00001340 hit0_0 + 0x00001744 hit0_1 + ... + + + Dump 1M with at several hits + + [0x00000000]> b 1M + [0x00000000]> wt @@ hit0* + + + Automate it + + $ for a in dump.* ; do + sz=`rabin2 -Z $a` # get RBin.filesize + r2 -wnqc"r $sz" $a # resize file + done + + http://radare.today/posts/carving-bins/ + +# r4ge - symbolic execution + + https://github.com/gast04/r4ge + + Usage: https://asciinema.org/a/155856 + +# r2wiki -Macro for using wiki in commandline + + + https://github.com/securisec/r2wiki + + $wiki "query string" + diff --git a/cheat/cheatsheets/rcs b/cheat/cheatsheets/rcs new file mode 100644 index 0000000..2e41a5f --- /dev/null +++ b/cheat/cheatsheets/rcs @@ -0,0 +1,26 @@ +# Initial check-in of file (leaving file active in filesystem) +ci -u + +# Check out with lock +co -l + +# Check in and unlock (leaving file active in filesystem) +ci -u + +# Display version x.y of a file +co -px.y + +# Undo to version x.y (overwrites file active in filesystem with the specified revision) +co -rx.y + +# Diff file active in filesystem and last revision +rcsdiff + +# Diff versions x.y and x.z +rcsdiff -rx.y -rx.z + +# View log of check-ins +rlog + +# Break an RCS lock held by another person on a file +rcs -u diff --git a/cheat/cheatsheets/rsync b/cheat/cheatsheets/rsync index 43343b6..22b5ea9 100644 --- a/cheat/cheatsheets/rsync +++ b/cheat/cheatsheets/rsync @@ -12,3 +12,6 @@ rsync -auv /src/foo /dest # Explicitly copy /src/foo to /dest/foo rsync -auv /src/foo/ /dest/foo + +# Copy file from local to remote over ssh with non standard port 1234 to destination folder in remoteuser's home directory +rsync -avz -e "ssh -p1234" /source/file1 remoteuser@X.X.X.X:~/destination/ diff --git a/cheat/cheatsheets/sed b/cheat/cheatsheets/sed index e22c97a..93bc163 100644 --- a/cheat/cheatsheets/sed +++ b/cheat/cheatsheets/sed @@ -15,3 +15,9 @@ sed '/^$/d' file.txt # To replace newlines in multiple lines sed ':a;N;$!ba;s/\n//g' file.txt + +# Insert a line before a matching pattern: +sed '/Once upon a time/i\Chapter 1' + +# Add a line after a matching pattern: +sed '/happily ever after/a\The end.' diff --git a/cheat/cheatsheets/slurm b/cheat/cheatsheets/slurm new file mode 100644 index 0000000..125af9a --- /dev/null +++ b/cheat/cheatsheets/slurm @@ -0,0 +1,15 @@ +# Submit a new job: +sbatch job.sh + +# List all jobs for a user: +squeue -u user_name + +# Cancel a job by id or name: +scancel job_id +scancel --name job_name + +# List all information for a job: +scontrol show jobid -dd job_id + +# Status info for currently running job: +sstat --format=AveCPU,AvePages,AveRSS,AveVMSize,JobID -j job_id --allsteps diff --git a/cheat/cheatsheets/tar b/cheat/cheatsheets/tar index 088137a..41173b2 100644 --- a/cheat/cheatsheets/tar +++ b/cheat/cheatsheets/tar @@ -19,6 +19,9 @@ tar -xjvf /path/to/foo.tgz # To create a .bz2 archive: tar -cjvf /path/to/foo.tgz /path/to/foo/ +# To extract a .tar in specified Directory: +tar -xvf /path/to/foo.tar -C /path/to/destination/ + # To list the content of an .bz2 archive: tar -jtvf /path/to/foo.tgz diff --git a/cheat/cheatsheets/wc b/cheat/cheatsheets/wc new file mode 100644 index 0000000..c8d771e --- /dev/null +++ b/cheat/cheatsheets/wc @@ -0,0 +1,18 @@ +# Count the number of words (file or STDIN) +wc -w /path/to/foo.txt +cat /path/to/foo.txt | wc -w + +# Count the number of lines (file or STDIN) +wc -l /path/to/foo.txt +cat /path/to/foo.txt | wc -l + +# Count the number of bytes (file or STDIN) +wc -c /path/to/foo.txt +cat /path/to/foo.txt | wc -c + +# Count files and directories at a given location +ls -l | wc -l + +# If you ever use `wc` in a shell script and need to compare the output with an int you can +# clean the output (wc returns extra characters around the integer) by using xargs: +ls -l | wc -l | xargs diff --git a/cheat/cheatsheets/xargs b/cheat/cheatsheets/xargs index 44bf20a..a1391f3 100644 --- a/cheat/cheatsheets/xargs +++ b/cheat/cheatsheets/xargs @@ -10,3 +10,7 @@ find -name *.pdf | xargs -I{} rm -rf '{}' # -n1 => One file by one file. ( -n2 => 2 files by 2 files ) find -name *.pdf | xargs -I{} -n1 echo '&{}=' + +# If find returns no result, do not run rm +# This option is a GNU extension. +find -name "*.pdf" | xargs --no-run-if-empty rm diff --git a/cheat/cheatsheets/youtube-dl b/cheat/cheatsheets/youtube-dl index 2ff3536..de8a403 100644 --- a/cheat/cheatsheets/youtube-dl +++ b/cheat/cheatsheets/youtube-dl @@ -16,5 +16,8 @@ youtube-dl --playlist-start 5 example.com/watch?v=id&list=listid # To simulate a download with youtube-dl: youtube-dl -s example.com/watch?v=id +# To download audio in mp3 format with best quality available +youtube-dl --extract-audio --audio-format mp3 --audio-quality 0 example.com/watch?v=id + # For all video formats see # http://en.wikipedia.org/wiki/YouTube#Quality_and_codecs diff --git a/cheat/cheatsheets/zfs b/cheat/cheatsheets/zfs new file mode 100644 index 0000000..845c079 --- /dev/null +++ b/cheat/cheatsheets/zfs @@ -0,0 +1,126 @@ +# WARNING: +# In order to avoid headaches when moving ZFS physical devices around, +# one will be much better served to reference devices by their *immutable* +# ID - as in /dev/disk/by-id/* - rather than their block device name - +# as in /dev/{sd,nvme}* - which is bound to change as per PCI enumeration +# order. +# For the sake of briefness, we'll use the following variables: +# ${device} device (/dev/disk/by-id/${device}) +# ${part} partition (/dev/disk/by-id/${part=${device}-part${N}}) +# ${pool} ZFS pool (name) +# ${fs_vol} ZFS file system or volume (name) +# ${snapshot} ZFS snapshot (name) + + +## Pools + +# Create a new "RAID-5" (raidz1) pool +# Recommended: use entire devices rather than partitions +zpool create ${pool} raidz1 ${device} ${device} ${device} [...] + +# Add 2nd-level "RAID-1" (mirror) ZFS Intent Log (ZIL; synchronous write cache) +# Recommended: use separate, fast, low-latency devices (e.g. NVMe) +zpool add ${pool} log mirror ${part} ${part} + +# Add 2nd-level "RAID-0" Adaptive Replacement Cache (ARC; read cache) +# Recommended: use separate, fast, low-latency devices (e.g. NVMe) +zpool add ${pool} cache ${part} ${part} [...] + +# Remove log or cache components +zpool remove zfs ${part} [...] + +# Import (enable) existing pool from newly connected devices +# Note: this will create the /etc/zfs/zpool.cache devices cache +zpool import -d /dev/disk/by-id -aN + +# Import (enable) existing pool using the devices cache +zpool import -c /etc/zfs/zpool.cache -aN + +# Export (disable) pool (e.g. before shutdown) +zpool export -a + +# List all (imported) pools +zpool list + +# See pool status +zpool status ${pool} + +# See detailed pool I/O statistics +zpool iostat ${pool} -v + +# Verify pool integrity (data checksums) +# (watch progress with 'zpool status') +zpool scrub ${pool} + +# Remove a failing device from a pool +# Note: redundant pools (mirror, raidz) will continue working in degraded state +zpool detach ${pool} ${device} + +# Replace a failed device in a pool +# Note: new device will be "resilvered" automatically (parity reconstruction) +# (watch progress with 'zpool status') +zpool replace ${pool} ${failed-device} ${new-device} + +# Erase zpool labels ("superblock") from a device/partition +# WARNING: MUST do before reusing a device/partition for other purposes +zpool labelclear ${device} + +# Query pool configuration (properties) +zpool get all ${pool} + +# Change pool configuration (property) +zpool set = ${pool} + +# Dump the entire pool (commands) history +zpool history ${pool} + +# More... +man zpool + + +## File systems / Volumes + +# Create a new file system +zfs create ${pool}/${fs_vol} + +# Create a new volume ("block device") +# Note: look for it in /dev/zvol/${pool}/${fs_vol} +zfs create -V ${pool}/${fs_vol} + +# List all file systems / volumes +zfs list + +# Mount all file systems +# Note: see 'zfs get mountpoint ${pool}' for mountpoint root path +zfs mount -a + +# Create a snapshot +zfs snapshot ${pool}/${fs_vol}@${snapshot} + +# Delete a snapshot +zfs destroy ${pool}/${fs_vol}@${snapshot} + +# Full backup +# Note: pipe (|) source to destination through netcat, SSH, etc. +# ... on source: +zfs send -p -R ${pool}/${fs_vol}@${snapshot} +# ... on destination: +zfs receive -F ${pool}/${fs_vol} + +# Incremental backup +# Note: pipe (|) source to destination through netcat, SSH, etc. +# ... on source: +zfs send -p -R -i ${pool}/${fs_vol}@${snapshot-previous} ${pool}/${fs_vol}@${snapshot} +# ... on destination: +zfs receive -F ${pool}/${fs_vol} + +# Query file system / volume configuration (properties) +zfs get all ${pool} +zfs get all ${pool}/${fs_vol} + +# Change file system / volume configuration (property) +zfs set = ${pool}/${fs_vol} + +# More... +man zfs + diff --git a/cheat/cheatsheets/zip b/cheat/cheatsheets/zip index ad22773..ee6f8e8 100644 --- a/cheat/cheatsheets/zip +++ b/cheat/cheatsheets/zip @@ -1,5 +1,8 @@ # Create zip file zip archive.zip file1 directory/ +# Create zip file with password +zip -P password archive.zip file1 + # To list, test and extract zip archives, see unzip cheat unzip diff --git a/cheat/cheatsheets/zsh b/cheat/cheatsheets/zsh new file mode 100644 index 0000000..5db902e --- /dev/null +++ b/cheat/cheatsheets/zsh @@ -0,0 +1,82 @@ +# A plain old glob +print -l *.txt +print -l **/*.txt + +# Show text files that end in a number from 1 to 10 +print -l **/*<1-10>.txt + +# Show text files that start with the letter a +print -l **/[a]*.txt + +# Show text files that start with either ab or bc +print -l **/(ab|bc)*.txt + +# Show text files that don't start with a lower or uppercase c +print -l **/[^cC]*.txt + +# Show only directories +print -l **/*(/) + +# Show only regular files +print -l **/*(.) + +# Show empty files +print -l **/*(L0) + +# Show files greater than 3 KB +print -l **/*(Lk+3) + +# Show files modified in the last hour +print -l **/*(mh-1) + +# Sort files from most to least recently modified and show the last 3 +print -l **/*(om[1,3]) + +# `.` show files, `Lm-2` smaller than 2MB, `mh-1` modified in last hour, +# `om` sort by modification date, `[1,3]` only first 3 files +print -l **/*(.Lm-2mh-1om[1,3]) + +# Show every directory that contain directory `.git` +print -l **/*(e:'[[ -d $REPLY/.git ]]':) + +# Return the file name (t stands for tail) +print -l *.txt(:t) + +# Return the file name without the extension (r stands for remove_extension) +print -l *.txt(:t:r) + +# Return the extension +print -l *.txt(:e) + +# Return the parent folder of the file (h stands for head) +print -l *.txt(:h) + +# Return the parent folder of the parent +print -l *.txt(:h:h) + +# Return the parent folder of the first file +print -l *.txt([1]:h) + +# Parameter expansion +files=(*.txt) # store a glob in a variable +print -l $files +print -l $files(:h) # this is the syntax we saw before +print -l ${files:h} +print -l ${files(:h)} # don't mix the two, or you'll get an error +print -l ${files:u} # the :u modifier makes the text uppercase + +# :s modifier +variable="path/aaabcd" +echo ${variable:s/bc/BC/} # path/aaaBCd +echo ${variable:s_bc_BC_} # path/aaaBCd +echo ${variable:s/\//./} # path.aaabcd (escaping the slash \/) +echo ${variable:s_/_._} # path.aaabcd (slightly more readable) +echo ${variable:s/a/A/} # pAth/aaabcd (only first A is replaced) +echo ${variable:gs/a/A/} # pAth/AAAbcd (all A is replaced) + +# Split the file name at each underscore +echo ${(s._.)file} + +# Join expansion flag, opposite of the split flag. +array=(a b c d) +echo ${(j.-.)array} # a-b-c-d diff --git a/setup.py b/setup.py index 91512bc..6788406 100644 --- a/setup.py +++ b/setup.py @@ -3,7 +3,7 @@ import os setup( name = 'cheat', - version = '2.2.0', + version = '2.2.3', author = 'Chris Lane', author_email = 'chris@chris-allen-lane.com', license = 'GPL3',