sudo dd if=/path/to/your/isofile of=/your/usb/disk
Compress an entire directory or a single file
tar -czvf archive.tar.gz /path/to/directory-or-file
Compress multiple directories or files at once
tar -czvf archive.tar.gz /home/ubuntu/Downloads /usr/local/stuff /home/ubuntu/Documents/notes.txt
Compress excluding directories and files
tar -czvf archive.tar.gz /home/ubuntu --exclude=/home/ubuntu/Downloads --exclude=/home/ubuntu/.cacheor
tar -czvf archive.tar.gz /home/ubuntu --exclude=*.mp4
Extract files
tar -xzvf archive.tar.gz
Extract with output directory name
tar -xzvf archive.tar.gz -C /tmp
See the content without extract
tar -tvf archive.tar.gz
N.B.
For all the following commands, the port can be excluded if the ssh service is running on default port (22)
Key generation
ssh-keygen
ssh access
ssh user@ip:port
Automatic ssh access stubbing password (not good, use public/private key pair)
sudo apt install sshpass sshpass -p password ssh user@ip:port
Setup automatic ssh access with KeyPair
ssh-copy-id user@ip:port ssh user@ip:port
Copy the file "foobar.txt" from a remote host to the local host
scp username@ip:foobar.txt /some/local/directory
Copy the file "foobar.txt" from the local host to a remote host
scp foobar.txt username@ip:/some/remote/directory
Copy the directory "foo" from the local host to a remote host's directory "bar"
scp -r foo username@ip:/some/remote/directory/bar
Copy the file "foobar.txt" from remote host "ip1" to remote host "ip2"
scp username@ip1:/some/remote/directory/foobar.txt username@ip2:/some/remote/directory/
Dump all traffic
sudo tcpdump
Dump traffic for specific interface
sudo tcpdump -i ens33
Dump traffic for specific port port
sudo tcpdump port 8080
Dump traffic for specific interface and port
sudo tcpdump -i ens33 port 8080
Dump traffic for specific host
sudo tcpdump host 192.168.1.130
Dump traffic translating addresses
sudo tcpdump -n
Dump traffic writing to file
sudo tcpdump -U -w dump.pcap
Read file
sudo tcpdump -r dump.pcap
ifconfig (deprecated)
ifconfig
ip (preferred)
ip a
Reverse ip-address
nslookup IP_ADDRESS
Reverse domain
dig +short google.com
Show routes
route -nor
netstat -rn
Show policies
sudo ip xfrm policy
Show tables
sudo iptables -S
Show rules
sudo ip rule
Connect
sudo nmcli con up id MY_CONNECTION
Disconnect
sudo nmcli con down id MY_CONNECTION
"PING" specific TCP port
nc -z -v -t 127.0.0.1 4789
"PING" specific UDP port
nc -z -v -u 127.0.0.1 4789
More info TCP single port
sudo nmap -Pn -p 4789 127.0.0.1
More info UDP single port
sudo nmap -Pn -sU -p 4789 127.0.0.1
More info whole net
sudo nmap -Pn 127.0.0.1
Guess Operating System
sudo nmap -O 127.0.0.1
Find vulnerabilities (BONUS)
sudo nmap -Pn -sV -sC 127.0.0.1
Show MAC
ip link show
MAC spoofing
ip link set eth0 down ip link set eth0 address 00:00:00:00:00:00 ip link set eth0 up
Build image
docker build -t foo:0.0.1-SNAPSHOT .
TAG image
docker tag foo:0.0.1-SNAPSHOT myregistry.it/project/foo:0.0.1-SNAPSHOT
Registry Login
docker login -u <user> -p <password> myregistry.it
Registry Logout
docker logout myregistry.it
Push Image
docker push myregistry.it/project/foo:0.0.1-SNAPSHOT
Inspect registry saved credentials
cat ~/.docker/config.json
Ports to open
- TCP 2366
- TCP 2377
- TCP_UDP 7946
- UDP 4789
Init swarm for manager node
docker swarm init
This command register the current machine as Manager/Leader
Add manager
docker swarm join --token <TOKEN_RELEASED_AFTER_INIT> IP:2377
Retrieve the manager token
docker swarm join-token manager
Join workers
docker swarm join --token <Token released after the manager join> MANAGER_IP:2377
Retrieve the token for joining workers (Run on the manager)
docker swarm join-token worker
Show nodes from the manager
docker node ls
Show services
docker service ls
Create services
https://docs.docker.com/engine/reference/commandline/service_create/
Scale services
docker service scale <service_name or service_id>=<NUMBER_OF_REPLICAS>
Remove services
docker service rm <service_name or service_id>
Deploy stack
Simple
docker stack deploy --compose-file <COMPOSE_FILE.yaml> <STACK_NAME>With custom registry
docker stack deploy --with-registry-auth --compose-file <COMPOSE_FILE.yaml> <STACK_NAME>Prune services that are no longer referenced
docker stack deploy --prune --compose-file <COMPOSE_FILE.yaml> <STACK_NAME>
Remove stack
docker stack rm <STACK_NAME>
Leave swarm
worker
docker swarm leavemanager
docker swarm leave --force
Read services logs from manager
follow
docker service logs --follow <service_name or service_id>tail
docker service logs --tail 10 <service_name or service_id>all
docker service logs <service_name or service_id>since
docker service logs --since 60m <service_name or service_id>
Apply services from yaml
kubectl apply -f <FILENAME>.yaml
Delete services from yaml
kubectl delete -f <FILENAME>.yaml
Delete services from yaml
kubectl delete -f <FILENAME>.yaml
Enable auto startup
sudo systemctl enable sshd
Disable auto startup
sudo systemctl disable sshd
Start service
sudo systemctl start sshd
Stop service
sudo systemctl stop sshd
Restart service
sudo systemctl restart sshd
Status service
sudo systemctl status sshd
Reload configuration files
sudo systemctl daemon-reload
w whoami id
Octal
stat -c "%a %n" <FILENAME> | awk '{print $1}'
Symbolic
ls -la | grep <FILENAME> | awk '{print $1}'
Swap on disk
- Create a partition of preferred size (gparted)
- Get the partition UUID
sudo blkid /dev/nvme0n1p3
- Modify /etc/fstab
UUID=a8db2b2e-9776-4178-b93e-357bae5dd0b1 none swap sw 0 0
- Reboot
Swap on file
- Disable exchanges
sudo swapoff -a- Create swapfile
sudo dd if=/dev/zero of=/swapfile bs=1M count=8192- Make the swapfile "swappable"
sudo mkswap /swapfile- Turn on the swap
sudo swapon /swapfile- Verify
grep SwapTotal /proc/meminfo
Show status
sestatus
Disable temporary
sudo setenforce 0
Disable permanent
vim /etc/sysconfig/selinuxSELINUX=disabled