The Linux Cheatsheet

FIX CHANGE LOCALE ERROR:
localedef -i en_US -f UTF-8 en_US.UTF-8
vi /etc/profile.d/locale.sh
export LANG=en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export LC_COLLATE=C
export LC_CTYPE=en_US.UTF-8
source /etc/profile.d/locale.sh

MANUAL LOG ROTATION
touch maillog2; chmod `stat -c %a maillog` maillog2; chown `stat -c %u maillog` maillog2;
mv maillog maillog-$(date +%Y%m%d); mv maillog2 maillog; service rsyslog restart;
screen -d -m bzip2 maillog-$(date +%Y%m%d);

CHANGE HOSTNAME (CENTOS7):
hostnamectl set-hostname voyager123

REMOVE YUM REPO:
yum-config-manager --disable repository-id-or-name

USING ANTI VIRUS SOLUTION:
yum --enablerepo=epel install clamav
freshclam
clamscan --infected --remove --recursive /home

TO MOVE ALL OLD FILES INTO A DIRECTORY:
mv `ls -1tr | head -n 10` archive/

USING CLI and CURL TO GET PUBLIC IP:
curl http://ip4.me 2>/dev/null | sed -e 's#<[^>]*>##g' | grep '^[0-9]'

USING CLI AND CURL TO GET EC2 INFO:
curl http://169.254.169.254/latest/meta-data/

FIND TOP 10 LARGEST DIRECTORIES:
find . -type d -print0 | xargs -0 du | sort -n | tail -10 | cut -f2 | xargs -I{} du -sh {}

MONITORING TOP 5 PROCESS:
ps -eo pid,pcpu,args --no-headers | sort -rnk 2 | head -n 5
ps -Ao pid,pcpu,args --sort=-pcpu | head -n 5
top -b -n 1 | head -n 12 | tail -n 5

MONITOR SPECIFIC PROCESS:
top -b -n 10 | grep something

FIND WHICH PACKAGE PROVIDE A FILE OR FEATURE:
yum provides '*File/Tail.pm'

PREPARE FTP AND USERS:
yum install vsftpd
vi /etc/vsftpd/vsftpd.conf
local_enable=YES
anonymous_enable=NO
service vsftpd restart
groupadd ftpusers
adduser -g ftpusers -d /var/www/html/ws1 -s /sbin/nologin -c commentsgoeshere ftp.user1
passwd ftp.user1
chown -R apache:ftp.user1 /var/www/html/ws1
chmod 775 -R /var/www/html/ws1

INSTALL AND ENABLE EPEL REPOSITORY:
rpm -Uvh http://epel.mirror.net.in/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum --disablerepo='*' --enablerepo=epel list available

INSTALL RPMFORGE REPOSITORY:
rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm

INSTALL RAR AND 7ZIP:
yum install rar unrar p7zip -y

CHECK A WEBSITE REDIRECTIONS AND HEADERS ONLY:
curl -L -s -D - somedomain.com -o /dev/null

DOWNLOAD FROM FTP USING CURL:
curl -u 'username':'password' 'ftp://ftp-server/file.zip' -o local_file.zip

FINDS ALL FILES CONTAINING A PATTERN:
grep -rnw 'directory' -e "pattern"

DOWNLOAD ALL CONTENTS OF THE FTP USING WGET
wget -r -l 0 --user="username" --ask-password ftp://domain.com/public_html/

COPY FILE FROM LOCAL TO SERVER PORT 2222:
scp -P 2222 -i /home/user/key.pem /home/user/backup.sql username@server:/opt/mysql/backup.sql

COPY FILE FROM SERVER PORT 2222 TO LOCAL:
scp -P 2222 -i /home/user/key.pem username@server:/opt/mysql/backup.sql /home/user/backup.sql

SYNC FILES FROM LOCAL TO SERVER IN PORT 2222:
rsync -azPvrltgo -e 'ssh -p 2222' /var/mail/ root@server:/var/mail/

SYNC FILES FROM SERVER TO LOCAL IN PORT 2222:
rsync -azPvrltgo -e 'ssh -p 2222' root@server:/var/mail/ /var/mail/

RESET MYSQL ROOT PASSWORD:
sudo service mysqld stop
sudo mysqld_safe --skip-grant-tables &
mysql -u root
use mysql;
update user set password=PASSWORD("newpassword") where User='root';
flush privileges; -- not sure of the effects
quit
sudo service mysqld restart

REPLACE STRING IN ALL FILES WITH SPECIFIC PATTERN (IN THE CURRENT DIR):
find . -type f -name "*.*" -exec sed -i 's/old-text/new-text/g' {} +
find . -type f -name "db-*-data-config.xml" -exec sed -i 's/old-text/new-text/g' {} +
find . -type f -name "solrconfig.xml" -exec sed -i 's/old-text/new-text/g' {} +

SHOW CONTENTS OF ALL THE FILES THAT FOUND:
find . -type f -name "db*data-config.xml" -exec cat {} \;

MAKE BACKUP OF SPECIFIC FOLDERS:
find . -type d -name "conf" -exec cp --parents -a {} /root/conf_backup/ \;

MONITORING AND RESTORING SERVICES, FILES, ETC WITH MONIT:
http://www.cyberciti.biz/tips/howto-monitor-and-restart-linux-unix-service.html

INSTALL P4PERFORCE MODULES:
copy all pre-compiled P4 files to /usr/local/lib/python3.4/site-packages/

TO DISOWN SOME-PROGRAM AND LOGOUT:
Ctrl+Z
[1]+ Stopped some-program
$ disown -h %1
$ bg 1
[1]+ myprogram &
$ logout

USING SOCAT:
socat TCP-LISTEN:64000,reuseaddr,fork TCP:10.1.7.99:22

EXTRACT TAR GZ FILE:
tar -xzvf important.tar.gz

SFTP TO SERVER PORT 2222:
sftp -oPort=2222 root@server:/var/www/

PUT LAST MODIFIED FILE TO DESTINATION WITH SFTP:
find /etc -mtime -528 -type f -exec ls -RAlhtr --time-style long-iso {} \; | awk 'NF>2 {print $8}' > last_modified_files

TAR A LIST OF FILES:
tar -cvf files_in_list.tar -T list_of_files

LIST RECURSIVE /HOME:
ls -RA /home | awk '/:$/&&f{s=$0;f=0} /:$/&&!f{sub(/:$/,"");s=$0;f=1;next} NF&&f{ print s"/"$0 }'

FIND LAST MODIFIED FILES SORT BY DATE AND SHOW ONLY USEFUL INFO:
find /etc -mtime -528 -type f -exec ls -Alhtr --time-style long-iso {} \; | sort -k 6 | awk '{print $1,$3,$4,$6,$7,$8}'

FIND INSTALLED PACKAGES WITH NAME HTTP:
yum list installed | sed 's/\./ /g' | awk '/http/ {print $1;}'

LIST LAST FILES AT END BY TYPING LT ONLY:
alias lt='ls -Alhtr'

BACKUP:
tar -cvzf bak1.tar.gz realestate

JUST SHOW THE ACTUAL CONFIGURATIONS NOT COMMENTS:
cat /etc/samba/smb.conf | grep -v ";" | grep -v "#"

DELETES ALL THE FILES EXCEPT THE 20 MOST RECENT ONES:
ls -A1t | tail -n +21 | xargs rm

GET MY VALID IP:
curl http://icanhazip.com

GET MY PRIVATE IP AND MAC:
ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

DUMP TCP PORT HTTP FROM/TO 10.10.10.3 ON SCREEN:
sudo tcpdump -i eth0 -c 100 -s 0 -XX -w capz/cap.cap -Z developer -C 5 host 10.10.10.3 and tcp port http

GENERATE SSL KEY AND CERTIFICATE:
openssl genrsa -des3 -out domain.key 2048
openssl req -new -key domain.key -out domain.csr
openssl x509 -req -days 365 -in domain.csr -signkey domain.key -out domain.crt

GENERATE SSL KEY AND CERTIFICATE:
openssl req -x509 -batch -nodes -newkey rsa:2048 -keyout server.key -out server.crt -config ssl.conf -days 3650 # Generate server cert and key
openssl req -x509 -new -keyout ca.key -out ca.cert -config ssl.conf -days 3650 # Generate CA cert and key
openssl dhparam -out dh.pem 2048 # Generate Diffie-Hellman parameters

DOMAIN CONTROLLER USERS:
wbinfo -u
wbinfo -g
wbinfo --gid-info
wbinfo --uid-info
wbinfo --group-info
wbinfo --user-info

CHANGE OWNER BY UID AND GID:
chown -R 16777222:16777216 /home/user/test/*

GENERATE BASIC SYSTEM INFO:
free | head -2 >> info && echo "---------------------" >> info && lscpu >> info

UPDATE TIME:
date ; sudo service ntp stop ; sudo ntpdate -s time.nist.gov ; sudo service ntp start ; date

SIMPLE NETWORK CONFIG INTERFACE:
nmtui

APACHE SECURITY and SITE CONFIG:
vi /etc/apache2/conf-available/security.conf
vi /etc/apache2/sites-available/000-default.conf

ADD NEW STORAGE BLOCK DEVICE:
lsblk
sudo file -s /dev/xvdb
sudo mkfs -t ext4 /dev/xvdb
sudo mkdir mount_point
sudo mount /dev/xvdb mount_point

USING NETCAT TO LISTEN ON PORT 2222 AND SPAWN SHELL FOR CONNECTIONS:
nc -lvp 2222 -e cmd.exe
or
nc -l 2222 -e /bin/bash -i
or
cat /tmp/tmp_fifo | /bin/sh -i 2>&1 | nc -l 2222 > /tmp/tmp_fifo

BANNER GRABBING USING NETCAT:
nc -vnz -w 1 host port

BASIC WIPE:
dd if=/dev/zero of=/dev/xvdb bs=1M

MONITOR DD:
watch -n 10 kill -USR1 8789

TRANSFER FILE OVER NETWORK WHILE COMPRESSING DATA ON THE WAY:
nc -l -p 1897 | bzip2 -d | dd bs=16M of=/dev/sda
dd bs=16M if=/dev/sda | bzip2 -c | nc 192.168.1.2 1897

FOLDER SIZE:
du -sh /var/ftp/

LIST ALL FILES IN A DIRECTORY RECURSIVELY:
find /home/dreftymac -type f

SOME LISTINGS:
lspci -nnk | grep -i net -A2
lsusb
lsmod
lscpu
lsblk
dmesg

NS DIG:
dig @ns01.domain.com mydomain.com axfr

REMOVE LOCK FILES:
find -wholename "*/.svn/lock" -exec rm -f {} \;

CHANGE VBOX HDD UUID:
VBoxManage internalcommands sethduuid xxx.vdi

SET IP AND SUBNET MASK TO INTERFACE:
ifconfig eth1 192.168.1.99 netmask 255.255.255.0

EDIT DNS SERVERS:
vi /etc/resolv.conf
nameserver 192.168.1.1

ADDING DEFAULT GATEWAY:
route add default gw 192.168.1.1 eth1

CHANGE INTERFACE NAME:
cat /etc/udev/rules.d/70-persistent-net.rules
vi /etc/udev/rules.d/70-persistent-net.rules

MAKE DIRECTORY WITH PARENTS:
mkdir -p /a/b/c/d/e

MOUNT NTFS VOLUME:
sudo mount -t ntfs /dev/sda2 /media/D -o nls=utf8,uid=1000,gid=100,umask=007

CHANGE FILE/DIRECTORY MODE:
chmod -R 764 /var/www/html

CHANGE OWNER OF FILE/DIRECTORY:
chown -R apache:ftpusers /var/www/html

AIRCRACK PACKAGE (WIFI TOOLS):
airmon-ng start wlan0
aireplay-ng -0 1 -a 00:14:6C:7E:40:80 -c 00:0F:B5:FD:FB:C2 ath0
aireplay -2 -b 00:30:0A:FC:A0:64 -h 00:c0:ca:39:75:3e -n 100 -p 0841 -c FF:FF:FF:FF:FF:FF mon0 //-2 is Interactive Packet Replay
aireplay-ng -9 -e teddy -a 00:14:6C:7E:40:80 ath0 //-9 is "injection test"
aircrack-ng -a 2 -w password.lst -b 00:14:6C:7E:40:80 psk*.cap //-a 2 is "WPA crack"
aireplay-ng -1 0 -e teddy -a 00:14:6C:7E:40:80 -h 00:0F:B5:88:AC:82 ath0 //-1 fake authentication
aireplay-ng -1 6000 -o 1 -q 10 -e teddy -a 00:14:6C:7E:40:80 -h 00:0F:B5:88:AC:82 ath0 // 6000: reauthenticate every 6000s
aireplay-ng -3 -b 00:14:6C:7E:40:80 -h 00:0F:B5:88:AC:82 ath0 //-3 arp request reply mode
aircrack-ng -b 00:14:6C:7E:40:80 output*.cap
aircrack-ng -K -b 00:14:6C:7E:40:80 output*.cap //To use the FMS/Korek method
airodump ath0 lucid 6 1 //1 is for just capturing IVs, 0 is to capture all

USING TOR:
vi /etc/yum.repos.d/torproject.repo
[tor]
name=Tor repo
enabled=1
baseurl=http://deb.torproject.org/torproject.org/rpm/el/6/$basearch/
gpgcheck=1
gpgkey=http://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc
[tor-source]
name=Tor source repo
enabled=1
autorefresh=0
baseurl=http://deb.torproject.org/torproject.org/rpm/el/6/SRPMS
gpgcheck=1
gpgkey=http://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc
yum install tor
service tor start

CHECK SERVICE AND BEEP IF NOT RESPONDING:
while (nc -vv -z -w3 127.0.0.1 80 > /dev/null); do echo "Service is ok"; sleep 3; done; while (true); echo "Service is dead"; do echo -e "\x07"; sleep 1; done

TRANSLATE HOST NAMES IN A FILE TO THEIR IP:
for hostname in $(cat hostnamesfiles.txt);do host $hostname; done

SIMPLE PING SWEEP:
for ip in $(seq 1 254); do
ping -c 1 192.168.1.$ip | grep "bytes from" | cut -d " " -f 4 &
done

RENAME ALL FILES IN A DIRECTORY:
#!/bin/sh
index=0;
for name in *.apk
do
mv "${name}" "${index}.apk"
index=$((index+1))
done

SOME IMPORTANT FILES:
/boot/vmlinuz – the typical location and name of the Linux kernel.
/dev/hda – first IDE hard drive
/dev/null – used when you want to send output into oblivion
/etc/aliases – file containing aliases used by sendmail and other MTAs (mail transport agents). After updating this file, it is necessary to run the newaliases utility for the changes to be passed to sendmail.
/etc/bashrc – system-wide default functions and aliases for the bash shell
/etc/conf.modules – aliases and options for configurable modules
/etc/crontab – shell script to run different commands periodically (hourly, daily, weekly, monthly, etc.)
/etc/DIR_COLORS – used to store colors for different file types when using ls command. The dircolors command uses this file when there is not a .dir_colors file in the user’s home directory. Used in conjunction with the eval command (see below).
/etc/exports – specifies hosts to which file systems can be exported using NFS. Man exports contains information on how to set up this file for remote users.
/etc/fstab – contains information on partitions and filesystems used by system to mount different partitions and devices on the directory tree
/etc/HOSTNAME – stores the name of the host computer (used in Debian). For Red Hat Linux it would be /etc/sysconfig/network.
/etc/hosts – contains a list of host names and absolute IP addresses.
/etc/hosts.allow – hosts allowed (by the tcpd daemon) to access Internet services
/etc/hosts.deny – hosts forbidden (by the tcpd daemon) to access Internet services
/etc/group – similar to /etc/passwd but for groups
/etc/inittab – runs different programs and processes on startup. This is typically the program which is responsible for, among other things, setting the default runlevel, running the rc.sysinit script contained in /etc/rc.d, setting up virtual login terminals, bringing down the system in an orderly fashion in response to [Ctrl][Alt][Del], running the rc script in /etc/rc.d, and running xdm for a graphical login prompt (only if the default runlevel is set for a graphical login).
/etc/passwd – contains passwords and other information concerning users who are registered to use the system. For obvious security reasons, this is writable only by root and readable by others. It can be modified by root directly, but it is preferable to use a configuration utility such as passwd to make the changes. A corrupt /etc/passwd file can easily render a Linux box unusable.
/etc/resolv.conf – contains a list of domain name servers used by the local machine
/etc/securetty – contains a list of terminals on which root can login. For security reasons, this should not include dialup terminals.
/etc/X11/XF86Config – X configuration file. The location in Slackware is /etc/XF86Config.
/proc/cpuinfo – cpu information
/proc/filesystems – prints filesystems currently in use
/proc/interrupts – prints interrupts currently in use
/proc/ioports – contains a list of the i/o addresses used by various devices connected to the computer
/var/log/messages – used by syslog daemon to store kernel boot-time messages

TALKING COW FOR FUN AND BENEFIT!!
apt-get moo | cowsay -n

DIRTY COMMAND!!
$ who |grep -i blonde | date; cd~; unzip; touch; strip; finger; mount; gasp; yes; uptime; umount;sleep;>>O
