100 Linux Commands you must know | CEH Hacking - vietkim027/thm GitHub Wiki

100+ Linux Commands you must know | CEH Hacking

If you know more useful commands, pls comment. More Hacking Tips ► https://bloggeroffer.blogspot.com/ or Hacking Videos ► https://youtube.com/@giapca

CPU Information:

cat /proc/cpuinfo : Displays information about the CPU, including its model, speed, cache, and flags. grep MHz /proc/cpuinfo : Shows the CPU's clock speed. nproc : Shows the number of processors (cores) available.

Operation System

lsb_release -a : This will display information about the operating system, including the distribution name, release codename, and version. uname -r : to see the kernel version. While this won't tell you the exact distribution, it can give you a clue. Some distributions have specific kernel modifications or versions.

Advanced: (cat /proc/version || uname -a ) 2>/dev/null : Obtain the kernel version information, handling potential file access issues gracefully and suppressing unnecessary error messages (env || set) 2>/dev/null : Passwords or API keys in the environment variables

Ways to determine if your system is 32-bit or 64-bit:

  1. uname -m
  • If the output is "x86_64", "amd64", or "aarch64", your system is 64-bit.
  • If the output is "i386" or "i686", your system is 32-bit.
  1. getconf LONG_BIT
  • If the output is "64", your system is 64-bit.
  • If the output is "32", your system is 32-bit.

System Management:

apt-get update && apt-get upgrade : Updates package lists and installs available updates. reboot : Restarts the system. shutdown -h now : Shuts down the system immediately.

Networking:

ifconfig : Displays network interface configuration. ip addr show : Shows network interface addresses and routes. netstat -lntp : Lists listening TCP/UDP ports. iptables -L : Shows the current firewall rules.

File System and Disk Operations:

df -h : Shows filesystem disk space usage. du -sh [directory] : Displays the disk space usage of a directory. fdisk -l : Lists disk partitions. mount /dev/sdb1 /mnt : Mounts a filesystem to a directory.

User, Password Security:

passwd [username] : Changes the password for a user. chage -l username : Shows password aging information for a user. cat /etc/sysctl.conf : Shows the system parameters. cat /etc/hosts : Shows the hosts file. ufw status : Shows the status of the Uncomplicated Firewall.

File and Directory Permissions:

chmod -R 700 /home/user : Sets the permissions for a directory and its contents to read, write, and execute only for the owner. chmod 777 file.bin : Allow everyone R, W, E file.bin chown -R root:root /home/user : Changes the owner and group of a directory and its contents. find / -perm -0002 -print : Finds files that are writable by the world. find / -perm -0004 -print : Finds files that are readable by the world.

Privilege Escalation:

sudo -l : Lists the commands a user can execute with superuser privileges. sudo -k : Invalidates the current sudo session. sudoedit /etc/passwd : Edits a file with superuser privileges.

How long your Linux system has been running

  1. uptime : This command provides a concise overview of the system's uptime, including the current time, number of days since the last reboot, and average load.
  2. w : This command shows a more detailed view of system activity, including logged-in users, their idle time, and the system load. The uptime information is typically displayed at the top of the output.

Display Disk usage in gigabytes (GB)

df -h : This will output the disk usage information in a human-readable format, including the total size in gigabytes

List open ports on a Linux system, you can use the following commands:

  1. netstat -lntp : This command lists all TCP and UDP ports that are currently listening for connections. The -l option specifies that you want to list only listening sockets, -n displays numerical addresses instead of hostnames, and -p shows the process ID and name associated with each port.
  2. ss -lntp : This command is similar to netstat, but it provides more detailed information about sockets. The -l option specifies that you want to list only listening sockets, -n displays numerical addresses instead of hostnames, and -p shows the process ID and name associated with each port.
  3. lsof -i -P : This command lists open files, including network sockets. The -i option specifies that you want to list only network sockets, and the -P option shows the process ID and name associated with each socket.

Ways to list all enabled users in Linux:

  1. users This will list the currently logged-in users. However, it won't show all enabled users, only the active ones.
  2. cat /etc/passwd | cut -d: -f1 | grep -v "^#" This command pipes the output of cat /etc/passwd (which lists all users) through cut to extract the first field (username), and then through grep to filter out lines starting with # (comments). This will list all enabled users, including those that are not currently logged in.
  3. awk -F: ' != 0 {print }' /etc/passwd This command uses awk to parse the /etc/passwd file, using : as the field separator. It then prints the first field (username) for any line where the third field (user ID) is not 0 (which indicates a disabled user).

Miscellaneous:

crontab -e : Edits the crontab for the current user. rsync [options] source destination : Synchronizes files and directories. sed 's/old_text/new_text/g' file.txt : Substitutes text in a file. awk '{print }' file.txt : Extracts the first field from each line of a file.

Find (Search)

find / -name "*.txt" -exec grep "keyword" {} ; : Searches for files and executes a command on them. If you wanna search Files/Folders that you don't have admin privileges, append "2>/dev/null" at the end of the command. find /etc -iname "*.conf" 2>/dev/null : Find only .conf files. grep -r "keyword" [directory] : Recursively searches for a keyword in files. grep -n -R -i "qwerty123" /usr/share/wordlists/ 2>/dev/null : Search for a string (qwerty123) in a file and display the line number.