mirror of https://github.com/cheat/cheat.git
Merge branch 'master' of github.com:chrisallenlane/cheat
* 'master' of github.com:chrisallenlane/cheat: (24 commits) [APT-GET] Change <cat | grep> to grep [PACMAN] Change the AUR instructions Make cheat working with python3 :) [DD] Watch the progress of `dd` with `pv` and `zenity` [APT−GET] Show apt-get installed packages [DD] Add some tricks for dd [APT-GET] Donwload deb withtou installing it [NMAP] Speed up nmap scan [NMAP] Correct a bug [FIND] add a cheat to find all files that have the same node (hard link) as MY_FILE [NMAP] Update nmap [IPTABLES] Add some cheats for iptables [SSH] add a cheat for ssh (encryption) [IPTABLES,TCPDUMP] Add cheats for iptables and tcpdump [XARGS] Add xargs example - Cheatsheets added for a couple of my favourite commands: - rsync: file copy and backup multi-tool - indent: one liner to nicely format C/C++ source. [PS,GREP] Exclude grep from your grepped output of ps. Update wget Update wget Adding two invaluable commands to tmux cheatsheet include commands to mirror locally ...
This commit is contained in:
commit
c03cca9298
6
cheat
6
cheat
|
@ -179,7 +179,7 @@ class CheatSheets(object):
|
||||||
"Please retry usig sudo." % cheat)
|
"Please retry usig sudo." % cheat)
|
||||||
print >> sys.stderr, error_msg
|
print >> sys.stderr, error_msg
|
||||||
exit(1)
|
exit(1)
|
||||||
except OSError, errno:
|
except OSError as errno:
|
||||||
print >> sys.stderr, ("Could not launch `%s` as your editor : %s"
|
print >> sys.stderr, ("Could not launch `%s` as your editor : %s"
|
||||||
% (editor[0], errno.strerror))
|
% (editor[0], errno.strerror))
|
||||||
exit(1)
|
exit(1)
|
||||||
|
@ -216,7 +216,7 @@ class CheatSheets(object):
|
||||||
output += ''.join([" " + line + '\n' for line
|
output += ''.join([" " + line + '\n' for line
|
||||||
in block.split('\n')])
|
in block.split('\n')])
|
||||||
if output:
|
if output:
|
||||||
print output,
|
sys.stdout.write(output);
|
||||||
|
|
||||||
|
|
||||||
# Custom action for argparse
|
# Custom action for argparse
|
||||||
|
@ -230,7 +230,7 @@ class ListDirectories(argparse.Action):
|
||||||
class ListCheatsheets(argparse.Action):
|
class ListCheatsheets(argparse.Action):
|
||||||
"""List cheatsheets and exit"""
|
"""List cheatsheets and exit"""
|
||||||
def __call__(self, parser, namespace, values, option_string=None):
|
def __call__(self, parser, namespace, values, option_string=None):
|
||||||
print sheets.list()
|
print(sheets.list());
|
||||||
parser.exit()
|
parser.exit()
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -14,3 +14,12 @@ apt-get update && apt-get dist-upgrade
|
||||||
|
|
||||||
# To install a new package(s)
|
# To install a new package(s)
|
||||||
apt-get install package(s)
|
apt-get install package(s)
|
||||||
|
|
||||||
|
# Download a package without installing it. (The package will be downloaded in your current working dir)
|
||||||
|
apt-get download modsecurity-crs
|
||||||
|
|
||||||
|
# Change Cache dir and archive dir (where .deb are stored).
|
||||||
|
apt-get -o Dir::Cache="/path/to/destination/dir/" -o Dir::Cache::archives="./" install ...
|
||||||
|
|
||||||
|
# Show apt-get installed packages.
|
||||||
|
grep 'install ' /var/log/dpkg.log
|
||||||
|
|
|
@ -2,3 +2,16 @@
|
||||||
# Note: At the first iteration, we read 512 Bytes.
|
# Note: At the first iteration, we read 512 Bytes.
|
||||||
# Note: At the second iteration, we read 512 Bytes.
|
# Note: At the second iteration, we read 512 Bytes.
|
||||||
dd if=/dev/urandom of=/tmp/test.txt count=512 bs=2
|
dd if=/dev/urandom of=/tmp/test.txt count=512 bs=2
|
||||||
|
|
||||||
|
# Watch the progress of 'dd'
|
||||||
|
dd if=/dev/zero of=/dev/null bs=4KB &; export dd_pid=`pgrep '^dd'`; while [[ -d /proc/$dd_pid ]]; do kill -USR1 $dd_pid && sleep 1 && clear; done
|
||||||
|
|
||||||
|
# Watch the progress of 'dd' with `pv` and `dialog` (apt-get install pv dialog)
|
||||||
|
(pv -n /dev/zero | dd of=/dev/null bs=128M conv=notrunc,noerror) 2>&1 | dialog --gauge "Running dd command (cloning), please wait..." 10 70 0
|
||||||
|
|
||||||
|
# Watch the progress of 'dd' with `pv` and `zenity` (apt-get install pv zenity)
|
||||||
|
(pv -n /dev/zero | dd of=/dev/null bs=128M conv=notrunc,noerror) 2>&1 | zenity --title 'Running dd command (cloning), please wait...' --progress
|
||||||
|
|
||||||
|
# DD with "graphical" return
|
||||||
|
dcfldd if=/dev/zero of=/dev/null bs=500K
|
||||||
|
|
||||||
|
|
|
@ -39,3 +39,6 @@ find . -maxdepth 2 -name build -type d
|
||||||
|
|
||||||
# To search all files who are not in .git directory
|
# To search all files who are not in .git directory
|
||||||
find . ! -iwholename '*.git*' -type f
|
find . ! -iwholename '*.git*' -type f
|
||||||
|
|
||||||
|
# Find all files that have the same node (hard link) as MY_FILE_HERE
|
||||||
|
find / -type f -samefile MY_FILE_HERE 2>/dev/null
|
||||||
|
|
|
@ -47,6 +47,7 @@ git checkout master # Checkout local master
|
||||||
git checkout -b new_branch # Create and checkout a new branch
|
git checkout -b new_branch # Create and checkout a new branch
|
||||||
git merge upstream/master # Merge remote into local repo
|
git merge upstream/master # Merge remote into local repo
|
||||||
git show 83fb499 # Show what a commit did.
|
git show 83fb499 # Show what a commit did.
|
||||||
|
git show 83fb499:path/fo/file.ext # Shows the file as it appeared at 83fb499.
|
||||||
git diff branch_1 branch_2 # Check difference between branches
|
git diff branch_1 branch_2 # Check difference between branches
|
||||||
git log # Show all the commits
|
git log # Show all the commits
|
||||||
git status # Show the changes from last commit
|
git status # Show the changes from last commit
|
||||||
|
|
|
@ -20,3 +20,7 @@ grep -E "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" file #Find IP add
|
||||||
# Find all files who contain {pattern} in the directory {directory}.
|
# Find all files who contain {pattern} in the directory {directory}.
|
||||||
# This will show: "file:line my research"
|
# This will show: "file:line my research"
|
||||||
grep -rnw 'directory' -e "pattern"
|
grep -rnw 'directory' -e "pattern"
|
||||||
|
|
||||||
|
# Exclude grep from your grepped output of ps.
|
||||||
|
# Add [] to the first letter. Ex: sshd -> [s]shd
|
||||||
|
ps aux | grep '[h]ttpd'
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
# format C/C++ source according to the style of Kernighan and Ritchie (K&R), no tabs, 3 spaces per indent, wrap lines at 120 characters.
|
||||||
|
indent -i3 -kr -nut -l120
|
|
@ -0,0 +1,40 @@
|
||||||
|
# Show hit for rules with auto refresh
|
||||||
|
watch --interval 0 'iptables -nvL | grep -v "0 0"'
|
||||||
|
|
||||||
|
# Show hit for rule with auto refresh and highlight any changes since the last refresh
|
||||||
|
watch -d -n 2 iptables -nvL
|
||||||
|
|
||||||
|
# Block the port 902 and we hide this port from nmap.
|
||||||
|
iptables -A INPUT -i eth0 -p tcp --dport 902 -j REJECT --reject-with icmp-port-unreachable
|
||||||
|
|
||||||
|
# Note, --reject-with accept:
|
||||||
|
# icmp-net-unreachable
|
||||||
|
# icmp-host-unreachable
|
||||||
|
# icmp-port-unreachable <- Hide a port to nmap
|
||||||
|
# icmp-proto-unreachable
|
||||||
|
# icmp-net-prohibited
|
||||||
|
# icmp-host-prohibited or
|
||||||
|
# icmp-admin-prohibited
|
||||||
|
# tcp-reset
|
||||||
|
|
||||||
|
# Add a comment to a rule:
|
||||||
|
iptables ... -m comment --comment "This rule is here for this reason"
|
||||||
|
|
||||||
|
|
||||||
|
# To remove or insert a rule:
|
||||||
|
# 1) Show all rules
|
||||||
|
iptables -L INPUT --line-numbers
|
||||||
|
# OR iptables -nL --line-numbers
|
||||||
|
|
||||||
|
# Chain INPUT (policy ACCEPT)
|
||||||
|
# num target prot opt source destination
|
||||||
|
# 1 ACCEPT udp -- anywhere anywhere udp dpt:domain
|
||||||
|
# 2 ACCEPT tcp -- anywhere anywhere tcp dpt:domain
|
||||||
|
# 3 ACCEPT udp -- anywhere anywhere udp dpt:bootps
|
||||||
|
# 4 ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
|
||||||
|
|
||||||
|
# 2.a) REMOVE (-D) a rule. (here an INPUT rule)
|
||||||
|
iptables -D INPUT 2
|
||||||
|
|
||||||
|
# 2.b) OR INSERT a rule.
|
||||||
|
iptables -I INPUT {LINE_NUMBER} -i eth1 -p tcp --dport 21 -s 123.123.123.123 -j ACCEPT -m comment --comment "This rule is here for this reason"
|
|
@ -0,0 +1,21 @@
|
||||||
|
# Actively follow log (like tail -f)
|
||||||
|
journalctl -f
|
||||||
|
|
||||||
|
# Display all errors since last boot
|
||||||
|
journalctl -b -p err
|
||||||
|
|
||||||
|
# Filter by time period
|
||||||
|
journalctl --since=2012-10-15 --until="2011-10-16 23:59:59"
|
||||||
|
|
||||||
|
# Show list of systemd units logged in journal
|
||||||
|
journalctl -F _SYSTEMD_UNIT
|
||||||
|
|
||||||
|
# Filter by specific unit
|
||||||
|
journalctl -u dbus
|
||||||
|
|
||||||
|
# Filter by executable name
|
||||||
|
journalctl /usr/bin/dbus-daemon
|
||||||
|
|
||||||
|
# Filter by PID
|
||||||
|
journalctl _PID=123
|
||||||
|
|
|
@ -8,7 +8,7 @@ nmap -iL [list.txt]
|
||||||
nmap -6 [target]
|
nmap -6 [target]
|
||||||
|
|
||||||
# OS detection:
|
# OS detection:
|
||||||
nmap -O [target]
|
nmap -O --osscan_guess [target]
|
||||||
|
|
||||||
# Save output to text file:
|
# Save output to text file:
|
||||||
nmap -oN [output.txt] [target]
|
nmap -oN [output.txt] [target]
|
||||||
|
@ -22,6 +22,9 @@ nmap -source-port [port] [target]
|
||||||
# Do an aggressive scan:
|
# Do an aggressive scan:
|
||||||
nmap -A [target]
|
nmap -A [target]
|
||||||
|
|
||||||
|
# Speedup your scan:
|
||||||
|
nmap -T5 --min-parallelism=50 [target]
|
||||||
|
|
||||||
# Traceroute:
|
# Traceroute:
|
||||||
nmap -traceroute [target]
|
nmap -traceroute [target]
|
||||||
|
|
||||||
|
@ -34,3 +37,21 @@ nmap -traceroute [target]
|
||||||
|
|
||||||
# Example: Ping scan all machines on a class C network
|
# Example: Ping scan all machines on a class C network
|
||||||
nmap -sP 192.168.0.0/24
|
nmap -sP 192.168.0.0/24
|
||||||
|
|
||||||
|
# Use some script:
|
||||||
|
nmap --script default,safe
|
||||||
|
|
||||||
|
# Loads the script in the default category, the banner script, and all .nse files in the directory /home/user/customscripts.
|
||||||
|
nmap --script default,banner,/home/user/customscripts
|
||||||
|
|
||||||
|
# Loads all scripts whose name starts with http-, such as http-auth and http-open-proxy.
|
||||||
|
nmap --script 'http-*'
|
||||||
|
|
||||||
|
# Loads every script except for those in the intrusive category.
|
||||||
|
nmap --script "not intrusive"
|
||||||
|
|
||||||
|
# Loads those scripts that are in both the default and safe categories.
|
||||||
|
nmap --script "default and safe"
|
||||||
|
|
||||||
|
# Loads scripts in the default, safe, or intrusive categories, except for those whose names start with http-.
|
||||||
|
nmap --script "(default or safe or intrusive) and not http-*"
|
||||||
|
|
|
@ -32,12 +32,17 @@ pacman -Qdt
|
||||||
|
|
||||||
|
|
||||||
# You can't directly install packages from the Arch User Database (AUR) with pacman.
|
# You can't directly install packages from the Arch User Database (AUR) with pacman.
|
||||||
# You need yaourt to perform that. But considering yaourt itself is in the AUR, here is how to
|
# You need yaourt to perform that. But considering yaourt itself is in the AUR, here is how to build a package from its tarball.
|
||||||
build a package from its tarball.
|
# Installing a package from AUR is a relatively simple process:
|
||||||
# First, get the .tar.gz archive and unpack it
|
# - Retrieve the archive corresponding to your package from AUR website
|
||||||
wget <archive url>
|
# - Extract the archive (preferably in a folder for this purpose)
|
||||||
tar -xzf <archive file>
|
# - Run makepkg in the extracted directory. (makepkg-s allows you to install any dependencies automatically from deposits.)
|
||||||
cd <unpacked folder>
|
# - Install the package created using pacman
|
||||||
# Then build the package and install it
|
# Assuming $pkgname contains the package name.
|
||||||
|
wget "https://aur.archlinux.org/packages/${pkgname::2}/$pkgname/$pkgname.tar.gz"
|
||||||
|
tar zxvf "$pkgname.tar.gz"
|
||||||
|
cd "$pkgname"
|
||||||
|
# Build the package
|
||||||
makepkg -s
|
makepkg -s
|
||||||
pacman -U <package file (.pkg.tar.xz)>
|
# Install
|
||||||
|
sudo pacman -U <package file (.pkg.tar.xz)>
|
||||||
|
|
|
@ -9,3 +9,7 @@ ps -aufoouser
|
||||||
|
|
||||||
# To list every process with a user-defined format:
|
# To list every process with a user-defined format:
|
||||||
ps -eo pid,user,command
|
ps -eo pid,user,command
|
||||||
|
|
||||||
|
# Exclude grep from your grepped output of ps.
|
||||||
|
# Add [] to the first letter. Ex: sshd -> [s]shd
|
||||||
|
ps aux | grep '[h]ttpd'
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
# copy files from remote to local, maintaining file propertires and sym-links (-a), zipping for faster transfer (-z), verbose (-v).
|
||||||
|
rsync -avz host:file1 :file1 /dest/
|
||||||
|
rsync -avz /source host:/dest
|
||||||
|
|
||||||
|
# Copy files using checksum (-c), rather than time, to detect if the file has changed. (Useful for validating backups).
|
||||||
|
rsync -avc /source/ /dest/
|
|
@ -16,5 +16,8 @@ ssh -X -t user@example.com 'chromium-browser'
|
||||||
# To create a SOCKS proxy on localhost and port 9999
|
# To create a SOCKS proxy on localhost and port 9999
|
||||||
ssh -D 9999 user@example.com
|
ssh -D 9999 user@example.com
|
||||||
|
|
||||||
|
# -X use an xsession, -C compress data, "-c blowfish" use the encryption blowfish
|
||||||
|
ssh user@example.com -C -c blowfish -X
|
||||||
|
|
||||||
# For more information, see:
|
# For more information, see:
|
||||||
# http://unix.stackexchange.com/q/12755/44856
|
# http://unix.stackexchange.com/q/12755/44856
|
||||||
|
|
|
@ -21,3 +21,6 @@ tar -cjvf /path/to/foo.tgz /path/to/foo/
|
||||||
|
|
||||||
# To list the content of an .bz2 archive:
|
# To list the content of an .bz2 archive:
|
||||||
tar -jtvf /path/to/foo.tgz
|
tar -jtvf /path/to/foo.tgz
|
||||||
|
|
||||||
|
# To create a .gz archive and exclude all jpg,gif,... from the tgz
|
||||||
|
tar czvf /path/to/foo.tgz --exclude=\*.{jpg,gif,png,wmv,flv,tar.gz,zip} /path/to/foo/
|
||||||
|
|
|
@ -0,0 +1,63 @@
|
||||||
|
# TCPDump is a packet analyzer. It allows the user to intercept and display TCP/IP
|
||||||
|
# and other packets being transmitted or received over a network. (cf Wikipedia).
|
||||||
|
# Note: 173.194.40.120 => google.com
|
||||||
|
|
||||||
|
# Intercepts all packets on eth0
|
||||||
|
tcpdump -i eth0
|
||||||
|
|
||||||
|
# Intercepts all packets from/to 173.194.40.120
|
||||||
|
tcpdump host 173.194.40.120
|
||||||
|
|
||||||
|
# Intercepts all packets on all interfaces from / to 173.194.40.120 port 80
|
||||||
|
# -nn => Disables name resolution for IP addresses and port numbers.
|
||||||
|
tcpdump -nn -i any host 173.194.40.120 and port 80
|
||||||
|
|
||||||
|
# Make a grep on tcpdump (ASCII)
|
||||||
|
# -A => Show only ASCII in packets.
|
||||||
|
# -s0 => By default, tcpdump only captures 68 bytes.
|
||||||
|
tcpdump -i -A any host 173.194.40.120 and port 80 | grep 'User-Agent'
|
||||||
|
|
||||||
|
# With ngrep
|
||||||
|
# -d eth0 => To force eth0 (else ngrep work on all interfaces)
|
||||||
|
# -s0 => force ngrep to look at the entire packet. (Default snaplen: 65536 bytes)
|
||||||
|
ngrep 'User-Agent' host 173.194.40.120 and port 80
|
||||||
|
|
||||||
|
# Intercepts all packets on all interfaces from / to 8.8.8.8 or 173.194.40.127 on port 80
|
||||||
|
tcpdump 'host ( 8.8.8.8 or 173.194.40.127 ) and port 80' -i any
|
||||||
|
|
||||||
|
# Intercepts all packets SYN and FIN of each TCP session.
|
||||||
|
tcpdump 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0'
|
||||||
|
|
||||||
|
# To display SYN and FIN packets of each TCP session to a host that is not on our network
|
||||||
|
tcpdump 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and not src and dst net local_addr'
|
||||||
|
|
||||||
|
# To display all IPv4 HTTP packets that come or arrive on port 80 and that contain only data (no SYN, FIN no, no packet containing an ACK)
|
||||||
|
tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
|
||||||
|
|
||||||
|
# Saving captured data
|
||||||
|
tcpdump -w file.cap
|
||||||
|
|
||||||
|
# Reading from capture file
|
||||||
|
tcpdump -r file.cap
|
||||||
|
|
||||||
|
# Show content in hexa
|
||||||
|
# Change -x to -xx => show extra header (ethernet).
|
||||||
|
tcpdump -x
|
||||||
|
|
||||||
|
# Show content in hexa and ASCII
|
||||||
|
# Change -X to -XX => show extra header (ethernet).
|
||||||
|
tcpdump -X
|
||||||
|
|
||||||
|
# Note on packet maching:
|
||||||
|
# Port matching:
|
||||||
|
# - portrange 22-23
|
||||||
|
# - not port 22
|
||||||
|
# - port ssh
|
||||||
|
# - dst port 22
|
||||||
|
# - src port 22
|
||||||
|
#
|
||||||
|
# Host matching:
|
||||||
|
# - dst host 8.8.8.8
|
||||||
|
# - not dst host 8.8.8.8
|
||||||
|
# - src net 67.207.148.0 mask 255.255.255.0
|
||||||
|
# - src net 67.207.148.0/24
|
|
@ -7,6 +7,9 @@ Ctrl-b d
|
||||||
# Restore tmux session:
|
# Restore tmux session:
|
||||||
tmux attach
|
tmux attach
|
||||||
|
|
||||||
|
# Detach an already attached session (great if you are moving devices with different screen resolutions)
|
||||||
|
tmux attach -d
|
||||||
|
|
||||||
# Display session:
|
# Display session:
|
||||||
tmux ls
|
tmux ls
|
||||||
|
|
||||||
|
@ -20,6 +23,9 @@ Ctrl-b ?
|
||||||
# Scroll in window:
|
# Scroll in window:
|
||||||
Ctrl-b PageUp/PageDown
|
Ctrl-b PageUp/PageDown
|
||||||
|
|
||||||
|
# Reload configuation file
|
||||||
|
Ctrl-b : source-file /path/to/file
|
||||||
|
|
||||||
# Window management
|
# Window management
|
||||||
# =================
|
# =================
|
||||||
|
|
||||||
|
|
|
@ -4,6 +4,9 @@ wget http://path.to.the/file
|
||||||
# To download a file and change its name
|
# To download a file and change its name
|
||||||
wget http://path.to.the/file -o newname
|
wget http://path.to.the/file -o newname
|
||||||
|
|
||||||
|
# To download a file into a directory
|
||||||
|
wget -P path/to/directory http://path.to.the/file
|
||||||
|
|
||||||
# To continue an aborted downloaded
|
# To continue an aborted downloaded
|
||||||
wget -c http://path.to.the/file
|
wget -c http://path.to.the/file
|
||||||
|
|
||||||
|
@ -13,6 +16,12 @@ wget URL1 URL2
|
||||||
# To parse a file that contains a list of URLs to fetch each one
|
# To parse a file that contains a list of URLs to fetch each one
|
||||||
wget -i url_list.txt
|
wget -i url_list.txt
|
||||||
|
|
||||||
|
# To mirror a whole page locally
|
||||||
|
wget -pk http://path.to.the/page.html
|
||||||
|
|
||||||
|
# To mirror a whole site locally
|
||||||
|
wget -mk http://site.tl/
|
||||||
|
|
||||||
# To download files according to a pattern
|
# To download files according to a pattern
|
||||||
wget http://www.myserver.com/files-{1..15}.tar.bz2
|
wget http://www.myserver.com/files-{1..15}.tar.bz2
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
# find all file name ending with .pdf and remove them
|
||||||
|
find -name *.pdf | xargs rm -rf
|
||||||
|
|
||||||
|
# if file name contains spaces you should use this instead
|
||||||
|
find -name *.pdf | xargs -I{} rm -rf '{}'
|
||||||
|
|
||||||
|
# Will show every .pdf like:
|
||||||
|
# &toto.pdf=
|
||||||
|
# &titi.pdf=
|
||||||
|
# -n1 => One file by one file. ( -n2 => 2 files by 2 files )
|
||||||
|
|
||||||
|
find -name *.pdf | xargs -I{} -n1 echo '&{}='
|
Loading…
Reference in New Issue