Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Really useful linux commands

917 views

Published on

I’ve been keeping a collection of Linux commands that are particularly useful; some are from websites I’ve visited, others from experience

I hope you find these are useful as I have. I’ll periodically add to the list, so check back occasionally.

Published in: Internet
  • Be the first to like this

Really useful linux commands

  1. 1. I’ve been keeping a collection of Linux commands that are particularly useful; some are from websites I’ve visited, others from experience I hope you find these are useful as I have. I’ll periodically add to the list, so check back occasionally. CONTENTS Admin Commands .................................................................................................................... 2 GIT/JIRA.................................................................................................................................. 10 Images..................................................................................................................................... 10 Misc Commands ..................................................................................................................... 11 Networking .............................................................................................................................. 12 Windows.................................................................................................................................. 13 Java......................................................................................................................................... 13 VituralBox................................................................................................................................ 13 Apache .................................................................................................................................... 13 Encryption ............................................................................................................................... 14 Curl and Such ......................................................................................................................... 15 MySQL .................................................................................................................................... 17 Ports........................................................................................................................................ 19 File........................................................................................................................................... 21 Comics .................................................................................................................................... 26 Other Fun................................................................................................................................ 26
  2. 2. Page 2 Admin Commands # netstat with group by (ip adress) netstat -ntu | awk ' $5 ~ /^[0-9]/ {print $5}' | cut -d: -f1 | sort | uniq -c | sort -n # df without line wrap on long FS name alias df="df | awk 'NF == 1 {printf($1); next}; {print}'" # Update your system every day at lunch time (12:00) (crontab -e) 00 12 * * * apt-get update (/etc/init.d/cron restart) # Turn off SE Linux setenforce 0 # How to Disable SELinux echo 0 >/selinux/enforce # Free unused memory currently unavailable dd if=/dev/zero of=junk bs=1M count=1K # Reboot shutdown now -r or reboot # Run the last command as root sudo !! # Execute a command without saving it in the history <space>command # Salvage a borked terminal reset # Execute a command at a given time echo "ls -l" | at midnight # Get your external IP address curl ifconfig.me # Close shell keeping all subprocess running disown -a && exit # Set audible alarm when an IP address comes online ping -i 60 -a IP_address # Display the top ten running processes - sorted by memory usage ps aux | sort -nk +4 | tail
  3. 3. Page 3 # save command output to image ifconfig | convert label:@- ip.png # Display which distro is installed cat /etc/issue # Extract tarball from internet without local saving wget -qO - "http://www.tarball.com/tarball.gz" | tar zxvf - # Copy your SSH public key on a remote machine for passwordless login - the easy way ssh-copy-id username@hostname # Start COMMAND, and kill it if still running after 5 seconds timeout 5s COMMAND # Download YouTube video with wget! wget http://www.youtube.com/watch?v=dQw4w9WgXcQ -qO- | sed -n "/fmt_url_map/{s/['"|]/n/g;p}" | sed -n '/^fmt_url_map/,/videoplayback/p' | sed -e :a -e '$q;N;5,$D;ba' | tr - d 'n' | sed -e 's/(.*),(.){1,3}/1/' | wget -i - -O surprise.flv # Block known dirty hosts from reaching your machine wget -qO - http://infiltrated.net/blacklisted|awk '!/#|[a- z]/&&/./{print "iptables -A INPUT -s "$1" -j DROP"}' # Add timestamp to history export HISTTIMEFORMAT="%F %T " # check site ssl certificate dates echo | openssl s_client -connect www.google.com:443 2>/dev/null |openssl x509 -dates -noout # Create a nifty overview of the hardware in your computer lshw -html > hardware.html # Repoint an existing symlink to a new location ln -nsf <TARGET> <LINK> # Find broken symlinks find -L . -type l # df without line wrap on long FS name df -P | column -t # Make sudo forget password instantly sudo -K # clear current line CTRL+u
  4. 4. Page 4 # Terminate a frozen SSH-session RETURN~. # Figure out what shell you're running echo $0 # Use all the cores or CPUs when compiling make -j 4 # change directory to actual path instead of symlink path cd `pwd -P` # Find last reboot time who -b # Run any GUI program remotely ssh -fX <user>@<host> <program> # Press ctrl+r in a bash shell and type a few letters of a previous command ^r in bash begins a reverse-search-history with command completion # Quick glance at who's been using your system recently last | grep -v "^$" | awk '{ print $1 }' | sort -nr | uniq -c # monitor memory usage watch vmstat -sSM # disable history for current shell session unset HISTFILE # Check Ram Speed and Type in Linux sudo dmidecode --type 17 | more # Display BIOS Information dmidecode -t bios # Sort all running processes by their memory & CPU usage ps aux --sort=%mem,%cpu # Change user, assume environment, stay in current dir su -- user # Function that outputs dots every second until command completes sleeper(){ while `ps -p $1 &>/dev/null`; do echo -n "${2:-.}"; sleep ${3:-1}; done; }; export -f sleeper # Testing hard disk reading speed hdparm -t /dev/sda # Find broken symlinks find . -type l ! -exec test -e {} ; -print
  5. 5. Page 5 # scping files with streamlines compression (tar gzip) tar czv file1 file2 folder1 | ssh user@server tar zxv -C /destination # Discover the process start time ps -eo pid,lstart,cmd # what model of computer I'm using? sudo dmidecode | grep Product # Run a command when a file is changed while inotifywait -e modify /tmp/myfile; do firefox; done # Rapidly invoke an editor to write a long, complex, or tricky command <ESC> v # kill all process that belongs to you kill -9 -1 # repeat a command every one second watch -n 1 "do foo" # List your MACs address lsmac() { ifconfig -a | sed '/eth|wl/!d;s/ Link.*HWaddr//' ; } # Instantly load bash history of one shell into another running shell $ history -a #in one shell , and $ history -r #in another running shell # When was your OS installed? ls -lct /etc | tail -1 | awk '{print $6, $7}' # LDAP search to query an ActiveDirectory server ldapsearch -LLL -H ldap://activedirectory.example.com:389 -b 'dc=example,dc=com' -D 'DOMAINJoe.Bloggs' -w 'p@ssw0rd' '(sAMAccountName=joe.bloggs)' # hard disk information - Model/serial no. hdparm -i[I] /dev/sda # Show the UUID of a filesystem or partition blkid /dev/sda7 # Find all symlinks that link to directories find -type l -xtype d # List your sudo rights sudo -l # Make changes in .bashrc immediately available . ~/.bashrc
  6. 6. Page 6 # Add existing user to a group usermod -a -G groupname username # useless load cat /dev/urandom | gzip -9 > /dev/null & # Finding the number of cpu's grep -c -e '^cpu[0-9]+' /proc/stat # List the CPU model name grep "model name" /proc/cpuinfo # geoip information GeoipLookUp(){ curl -A "Mozilla/5.0" -s "http://www.geody.com/geoip.php?ip=$1" | grep "^IP.*$1" | html2text; } # Verify if user account exists in Linux / Unix id <username> # Show an application's environment variables sudo sed 's/o0/n/g' "/proc/$(pidof -x firefox)/environ" ;# replace firefox # Tail a log file with long lines truncated tail -f logfile.log | cut -b 1-80 # Find Out My Linux Distribution Name and Version cat /etc/*-release # Find broken symlinks find . -type l -xtype l # Creates a symbolic link or overwrites an existing one ln -nvfs /source /destination # Change the primary group of a user usermod -g group user # vi a remote file with port vi scp://username@host:12345//path/to/somefile # show where symlinks are pointing lsli() { ls -l --color "$@" | awk '{ for(i=9;i<NF;i++){ printf("%s ",$i) } printf("%sn",$NF) }'; } # Extract public key from private openssl rsa -in key.priv -pubout > key.pub # Top 10 Memory Consuming Processes ps -auxf | sort -nr -k 4 | head -10 # watch your network load on specific network interface
  7. 7. Page 7 watch -n1 'ifconfig eth0|grep bytes' # Get all IPs via ifconfig ifconfig | awk '/ddr:[0-9]/ {sub(/addr:/, ""); print $2}' # Skip banner on ssh login prompt ssh -q user@server # Shows cpu load in percent top -bn2|awk -F, '/Cpu/{if (NR>4){print 100-gensub(/.([^ ]+).*/,"1","g",$4)}}' # Capture video of a linux desktop ffmpeg -f x11grab -s wxga -r 25 -i :0.0+1366,0 -qscale 0 /tmp/out.mpg # Find last reboot time sysctl -a | grep boottime | head -n 1 # Command to logout all the users in one command who -u|grep -v root|awk {'print $6'}|kill `awk {'print $0'}` # Know SELinux status sestatus -v # Create more threads with less stack space ulimit -s 64 # Get me yesterday's date, even if today is 1-Mar-2008 and yesterday was 29-Feb-2008 TZ=XYZ24 date # Run the last command as root sudo !-1 # Get number of users on a minecraft server (echo -e 'xfe'; sleep 1) |telnet -L $HOSTIP 25565 2>/dev/null |awk - F'xa7' '$2 {print "users: "$2"/"$3;}' # Get size of terminal alias termsize='echo $COLUMNS x $LINES' # list services running (as root) service --status-all | grep running # List users with running processes ps aux | sed -n '/USER/!s/([^ ]) .*/1/p' | sort -u # Create new user with home dir and given password useradd -m -p $(perl -e'print crypt("passwordscelta", "stigghiola")') user # Find out when your billion-second anniversary is (was).
  8. 8. Page 8 date -d09/19/1966+1000000000sec # Change timestamp on a file touch -amct [[CC]YY]MMDDhhmm[.ss] FILE # force change password for all user while IFS=: read u x; do passwd -e "$u"; done < /etc/passwd # Greets the user appropriately echo -e "12 morningn15 afternoonn24 evening" |awk '{if ('`date +%H`'<$1) {print "Good "$2;exit}}' # DNS cache snooping for i in `cat names.txt`; do host -r $i [nameserver]; done # List all users cut -d: -f1 /etc/passwd | sort # Flush DNS sudo /etc/init.d/dns-clean # ssh copy cat ~/.ssh/id_rsa.pub | ssh deployer@xxxxx -p 52201 'cat >> ~/.ssh/authorized_keys' # Delete the previous entry in your history alias histdel='history -d $((HISTCMD-2)) && history -d $((HISTCMD-1))' # Should I be sleeping? [ $(date +"%H") -lt 7 ] && echo you should probably be sleeping... # copy zip files which contains XXX for i in *RET.zip; do unzip -l "$i"| grep -B 4 XXX | grep RET| sed "s/.+EPS/EPS/" |xargs -I '{}' cp '{}' out/'{}';done; # grep for 2 words existing on the same line egrep 'word1.*word2' --color /path/file.log |more # Kill all processes belonging to a user ps wwwwuax|awk '/command/ { printf("kill -9 %sn",$2) }'|/bin/sh # Quick access to ASCII code of a key man ascii # get ip and hostname for this computer alias me="echo '`ifconfig | grep inet | grep broadcast | awk '{print $2}'`' && uname -n" # Set date and time sudo date -s "26 OCT 2008 19:30:00" # Generate SSH key
  9. 9. Page 9 ssh-keygen -t rsa -b 4096 -f ~/.ssh/<ROLE>_rsa -C "Comment goes here" # Kill google chrome process killall "Google Chrome" # Make 'less' behave like 'tail -f'. less +F somelogfile # Generate an XKCD #936 style 4 word password shuf -n4 /usr/share/dict/words | tr -d 'n' # Alternative way to generate an XKCD #936 style 4 word password usig sed shuf -n4 /usr/share/dict/words | sed -e ':a;N;$!ba;s/n/ /g;s/'''//g;s/b(.)/u1/g;s/ //g' # Calculates the date 2 weeks ago from Saturday the specified format. date -d '2 weeks ago Saturday' +%Y-%m-%d # Get Dell Service Tag Number from a Dell Machine sudo dmidecode | grep Serial Number | head -n1
  10. 10. Page 10 GIT/JIRA # Grab all JIRA ticket numbers (e.g. ABC-123) mentioned in commits added in feature branch off of master git log master...feature-a | grep -o -E 'b([A-Z]+)-[0-9]+b' | sort | uniq # Git log (commits titles) of today git log --after="yesterday" --pretty=format:%s |uniq Images # Determine an image's dimensions identify -format "%wx%h" /path/to/image.jpg # Resolution of a image identify -format "%[fx:w]x%[fx:h]" logo: # Create a favicon convert -colors 256 -resize 16x16 face.jpg face.ppm && ppmtowinicon - output favicon.ico face.ppm
  11. 11. Page 11 Misc Commands # Press Any Key to Continue echo -n "Press any key to continue..." && read # Random Beeps on Your PC Speaker dd if=/dev/urandom of=/dev/speaker bs=1 # countdown from 10 ... clear; tput cup 8 8; for i in $(seq 1 10); do echo -n "$((11-$i)) ";sleep 1; done; tput cup 10 8; echo -e "DONEnn" # Quick access to the ascii table. man ascii # convert single digit to double digits for i in ?.ogg; do mv $i 0$i; done # vim easter egg $ vim ... :help 42 # Random Number between 1 And 256 od -An -N1 -tu1 /dev/random # Print a random 8 digit number jot -r -n 8 0 9 | rs -g 0 # Returns last day of current month cal | egrep -e '^ [0-9]|^[0-9]' | tr 'n' ' ' | awk '{print $NF}'
  12. 12. Page 12 Networking # A list of IPs (only) that are online in a specific subnet. nmap -sP 192.168.1.0/24 | awk "/^Host/"'{ print $3 }' |nawk -F'[()]' '{print $2}' # Regex to reliably search a file for valid IP addresses (and external IP addresses) grep -Eoa "b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0- 5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)b" Filetosearch.txt # regex to match an ip echo 254.003.032.3 | grep -P '^((25[0-4]|2[0-4]d|[01]?[d]?[1-9]).){3}(25[0-4]|2[0- 4]d|[01]?[d]?[1-9])$' # List alive hosts in specific subnet nmap -sP 192.168.1.0/24 # find all active IP addresses in a network nmap -sP 192.168.1.0/24; arp -n | grep "192.168.1.[0-9]* *ether" # Ping scanning without nmap for i in {1..254}; do ping -c 1 -W 1 10.1.1.$i | grep 'from'; done # The NMAP command you can use scan for the Conficker virus on your LAN nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.0.1-254 # Netstat Connection Check netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n | tail # Drop or block attackers IP with null routes sudo route add xxx.xxx.xxx.xxx gw 127.0.0.1 lo # Extract ip addresses with sed sed -n 's/([0-9]{1,3}.){3}[0-9]{1,3}/nip&n/gp' ips.txt | grep ip | sed 's/ip//'| sort | uniq # Sniff ONLY POP3 authentication by intercepting the USER command tcpdump -i eth0 "tcp port pop3 and ip[40] = 85 and ip[41] = 83" -s 1500 -n -w "sniff"
  13. 13. Page 13 Windows # ps for windows wmic process list IO # Killing a process in Windows 7 command line Taskkill /? # Shutdown a Windows machine from Linux net rpc shutdown -I ipAddressOfWindowsPC -Uusername%password Java # Count threads of a jvm process ps uH p <PID_OF_U_PROCESS> |wc -l # How to get full tread dump for java process kill -3 PID VituralBox # Launch a VirtualBox virtual machine VBoxManage startvm "name" # run a VirtualBox virtual machine without a gui VBoxHeadless -s <name|uuid> Apache # Know which modules are loaded on an Apache server apache2 -t -D DUMP_MODULES # Hits per hour apache log awk -F: '{print $2}' access_log | sort | uniq -c
  14. 14. Page 14 Encryption # GUID generator guid(){ lynx -nonumbers -dump http://www.famkruithof.net/uuid/uuidgen | grep "w{8}-" | tr -d ' '; } # Base64 decode echo Y29tbWFuZGxpbmUuZnUgcm9ja3MK | base64 -d # Generate MD5 hash for a string printf "$string" | md5sum # Encrypt/decrypt a string from the command line echo 'HelloWorld!' | gpg --symmetric |base64 # Quickly generate an MD5 hash for a text string using OpenSSL echo -n 'text to be encrypted' | openssl md5 # Quickly generate an MD5 hash for a text string using OpenSSL md5sum<<<'text to be encrypted' # Generate MD5 of string and output only the hash checksum in a readable format echo -n "String to MD5" | md5sum | sed -e 's/[0-9a-f]{2}/& /g' -e 's/ -//' # Generate MD5 of string and output only the hash checksum echo -n "String to MD5" | md5sum | cut -b-32 # Generate SHA1 hash for each file in a list ls [FILENAME] | xargs openssl sha1 # It decripts all pgp files in a selection folder and move the output into a file. for x in *.pgp do `cat /file_with_the_passphrase.dat|(gpg --batch --no-tty --yes --passphrase-fd=0 --decrypt `basename $x`; ) > 'dump_content.dat'` done; # md5 checksum check digest -a -v md5 <file-name>
  15. 15. Page 15 Curl and Such # Firefly quotes yum install fortune-firefly; fortune # Update twitter via curl curl -u user:pass -d status="Tweeting from the shell" http://twitter.com/statuses/update.xml # Check your unread Gmail from the command line curl -u username:password --silent "https://mail.google.com/mail/feed/atom" | tr -d 'n' | awk -F '<entry>' '{for (i=2; i<=NF; i++) {print $i}}' | sed -n "s/<title>(.*)</title.*name>(.*)</name>.*/2 - 1/p" # Send email with curl and gmail curl -n --ssl-reqd --mail-from "<user@gmail.com>" --mail-rcpt "<user@server.tld>" --url smtps://smtp.gmail.com:465 -T file.txt # Command Line to Get the Stock Quote via Yahoo curl -s 'http://download.finance.yahoo.com/d/quotes.csv?s=csco&f=l1' # Find pages returning 404 errors in apache logs awk '$9 == 404 {print $7}' access_log | uniq -c | sort -rn | head # grab all commandlinefu shell functions into a single file, suitable for sourcing. export QQ=$(mktemp -d);(cd $QQ; curl -s -O http://www.commandlinefu.com/commands/browse/sort-by-votes/plaintext/[0-2400:25];for i in $(perl -ne 'print "$1n" if( /^(w+())/ )' *|sort -u);do grep -h -m1 -B1 $i *; done)|grep -v '^--' > clf.sh;rm -r $QQ # Find out how old a web page is wget -S --spider http://osswin.sourceforge.net/ 2>&1 | grep Mod # Get Lorum Ipsum random text from lorumipsum.com lynx -source http://www.lipsum.com/feed/xml?amount=3|perl -p -i -e 's/n/nn/g'|sed -n '/<lipsum>/,/</lipsum>/p'|sed -e 's/<[^>]*>//g' # Tell Analytics to fuck itself. gofuckanalytics() { echo "DELETE FROM moz_cookies WHERE name LIKE '__utm%';" | sqlite3 $( find ~/.mozilla -name cookies.sqlite ) } # commit message generator - whatthecommit.com curl http://whatthecommit.com/index.txt # Check a server is up. If it isn't mail me. curl -fs brandx.jp.sme 2&>1 > /dev/null || echo brandx.jp.sme ping failed | mail -ne -s'Server unavailable' joker@jp.co.uk # download all the presentations from UTOSC2010
  16. 16. Page 16 b="http://2010.utosc.com"; for p in $( curl -s $b/presentation/schedule/ | grep /presentation/[0- 9]*/ | cut -d""" -f2 ); do f=$(curl -s $b$p | grep "/static/slides/" | cut -d""" -f4); if [ -n "$f" ]; then echo $b$f; curl -O $b$f; fi done # geoip information geo(){ curl -s "http://www.geody.com/geoip.php?ip=$(dig +short $1)"| sed '/^IP:/!d;s/<[^>][^>]*>//g'; } # upload a file via ftp curl -u user:passwd -T /home/dir/local_file_to_upload ftp://your_host.com/subdir/ # Email yourself a short note quickemail() { echo "$*" | mail -s "$*" email@email.com; }
  17. 17. Page 17 MySQL # Get column names in MySQL mysql -u <user> --password=<password> -e "SHOW COLUMNS FROM <table>" <database> | awk '{print $1}' | tr "n" "," | sed 's/,$//g' # command line to drop all table from a databse mysql -u uname dbname -e "show tables" | grep -v Tables_in | grep -v "+" | gawk '{print "drop table " $1 ";"}' | mysql -u uname dbname # MySQL: Find an instance of a populated table across numerous databases TABLE_NAME=YYZ ; for DATABASE in $(echo "SELECT TABLE_SCHEMA FROM information_schema.tables WHERE TABLE_NAME='$TABLE_NAME'" | mysql -N) ; do echo -n "$DATABASE: " ; echo "SELECT COUNT(*) FROM $TABLE_NAME" | mysql $DATABASE -N ; done | fgrep -v ': 0' # See where MySQL is looking for its config files mysql -? | grep ".cnf" # Monitor MySQL threads per user mysql -BNe "SELECT user,COUNT(user) AS count FROM processlist GROUP BY user ORDER BY count;" information_schema # Monitor the queries being run by MySQL watch -n 1 mysqladmin --user=<user> --password=<password> processlist # Backup all MySQL Databases to individual files for I in $(mysql -e 'show databases' -s --skip-column-names); do mysqldump $I | gzip > "$I.sql.gz"; done # Backup all MySQL Databases to individual files for db in $(mysql -e 'show databases' -s --skip-column-names); do mysqldump $db | gzip > "/backups/mysqldump-$(hostname)-$db-$(date +%Y-%m-%d- %H.%M.%S).gz"; done # Dump mySQL db from Remote Database to Local Database mysqldump --host=[remote host] --user=[remote user] --password=[remote password] -C db_name | mysql --host=localhost --user=[local user] -- password=[local password] db_name # mysql DB size mysql -u root -pPasswort -e 'select table_schema,round(sum(data_length+index_length)/1024/1024,4) from information_schema.tables group by table_schema;' # Discover unoptimized MySQL tables and optimize them. for table in $(echo "select concat(TABLE_SCHEMA, '.', TABLE_NAME) from information_schema.TABLES where TABLE_SCHEMA NOT IN ('information_schema','mysql') and Data_free > 0" | mysql --skip-column- names); do echo "optimize table ${table}" | mysql; done; # Mysql extended status mysqladmin -u root -p extended-status # Backup all mysql databases to individual files on a remote server
  18. 18. Page 18 for I in $(mysql -e 'show databases' -u root --password=root -s --skip- column-names); do mysqldump -u root --password=root $I | gzip -c | ssh user@server.com "cat > /remote/$I.sql.gz"; done
  19. 19. Page 19 Ports # Forensic tool to find hidden processes and ports unhide (proc|sys|brute) # Lists open ports netstat -antuwp | egrep "(^[^t])|(^tcp.*LISTEN)" # find an unused unprivileged TCP port netstat -tan | awk '$1 == "tcp" && $4 ~ /:/ { port=$4; sub(/^[^:]+:/, "", port); used[int(port)] = 1; } END { for (p = 32768; p <= 61000; ++p) if (! (p in used)) { print p; exit(0); }; exit(1); }' # Check if TCP port 25 is open netstat -tln | grep :25 # Check if TCP port 25 is open sudo lsof -iTCP:25 -sTCP:LISTEN # find an unused unprivileged TCP port netstat -atn | perl -0777 -ne '@ports = /tcp.*?:(d+)s+/imsg ; for $port (32768..61000) {if(!grep(/^$port$/, @ports)) { print $port; last } }' # tell if a port is in use netstat -a --numeric-ports | grep 8321 # List open TCP/UDP ports netstat -ltun # Open Port Check lsof -ni TCP # list all opened ports on host sudo lsof -P -i -n -sTCP:LISTEN netstat -ant | grep LISTEN # determine if tcp port is open nmap -p 80 hostname # For finding out if something is listening on a port and if so what the daemon is. fuser -n tcp {0..65535} # List programs with open ports and connections lsof -i # Get list of servers with a specific port open nmap -sT -p 80 -oG - 192.168.1.* | grep open # List Listen Port by numbers netstat -tlpn | sort -t: -k2 -n # which process has a port open
  20. 20. Page 20 lsof -i :80 # Blink LED Port of NIC Card ethtool -p eth0 # Show what PID is listening on port 80 on Linux fuser -v 80/tcp # Port Knocking! knock <host> 3000 4000 5000 && ssh -p <port> user@host && knock <host> 5000 4000 3000 # which program is this port belongs to ? lsof -i tcp:80 # List all open ports and their owning executables lsof -i -P | grep -i "listen" # Lists all listening ports together with the PID of the associated process lsof -Pan -i tcp -i udp # Detect Connections On Port - Android netstat -lptu | grep -E "22.*ESTABLISHED" | cut -s -d ':' -f2 | awk '{print $2}' # Lists all listening ports together with the PID of the associated process netstat -tunlp # pid list by httpd listen port lsof | awk '/*:https?/{print $2}' | sort -u # start a tunnel from some machine's port 80 to your local post 2001 ssh -N -L2001:localhost:80 somemachine # How to Kill Process that is Running on Certain Port in Windows? netstat -a -o -n | grep 8080 # Get number of established sessions on a given port netstat -anp | grep :80 | grep ESTABLISHED | wc -l # whois surfing my web ? watch lsof -i :80 # Displays All TCP and UDP Connections sudo netstat|head -n2|tail -n1 && sudo netstat -a|grep udp && echo && sudo netstat|head -n2|tail -n1 && sudo netstat -a|grep tcp
  21. 21. Page 21 File # get size of a file du -hs file-name # tar the current directory wihtout the absolute path tar -cf "../${PWD##*/}.tar" . # Recursively search a directory tree for all .php .inc .html .htm .css .js files for a certain string find . -type f ( -name "*.js" -o -name "*.php" -o -name "*.inc" -o -name "*.html" -o -name "*.htm" -o -name "*.css" ) -exec grep -il 'searchString' {} ; # find names of files ending in *log that have both foo and bar grep -l bar *.log | xargs grep -l foo # Make a directory named with the current date mkdir `date --iso` # Create a 100MB file for testing transfer speed dd if=/dev/random of=bigfile bs=1024 count=102400 # ls only directories ls -ad */ # replace strings in file names rename 's/foo/bar/g' foobar # List files opened by a PID lsof -p 15857 # Find status of all symlinks symlinks -r $(pwd) # cleanup /tmp directory find /tmp -type f -atime +1 -delete # Remove Backup Files find / -name *~ -delete
  22. 22. Page 22 # Find the 10 lusers winners of the "I take up the most disk space" award du -sh /home/*|sort -rh|head -n 10 # Print total size of specified files and subdirectories du -sk * | awk '{print $1} END {print "[+z1<y]synlyxnp"}' | dc # Recursive remove files by mask find . -name ".DS_Store" -print0 | xargs -0 rm -rf # List only those files that has all uppercase letters in their names (e.g. README) ls | grep '^[A-Z0-9]*$' # Get dimensions of an image. identify path/to/image.jpg | awk '{print $3;}' # Mount folder/filesystem through SSH sshfs name@server:/path/to/folder /path/to/mount/point # Show apps that use internet connection at the moment. (Multi-Language) lsof -P -i -n # Find Duplicate Files (based on size first, then MD5 hash) find -not -empty -type f -printf "%sn" | sort -rn | uniq -d | xargs -I{} -n1 find -type f -size {}c -print0 | xargs -0 md5sum | sort | uniq -w32 --all- repeated=separate # Create a CD/DVD ISO image from disk. readom dev=/dev/scd0 f=/path/to/image.iso # replace spaces in filenames with underscores rename 'y/ /_/' * # Get the 10 biggest files/folders for the current direcotry du -s * | sort -n | tail # Mount a .iso file in UNIX/Linux mount /path/to/file.iso /mnt/cdrom -oloop # Sort the size usage of a directory tree by gigabytes, kilobytes, megabytes, then bytes. du -b --max-depth 1 | sort -nr | perl -pe 's{([0-9]+)}{sprintf "%.1f%s", $1>=2**30? ($1/2**30, "G"): $1>=2**20? ($1/2**20, "M"): $1>=2**10? ($1/2**10, "K"): ($1, "")}e' # Recursively change permissions on files, leave directories alone. find ./ -type f -exec chmod 644 {} ; # Find files that have been modified on your system in the past 60 minutes sudo find / -mmin 60 -type f # ls not pattern ls !(*.gz) # Remove blank lines from a file using grep and save output to new file grep . filename > newfilename
  23. 23. Page 23 # find all file larger than 500M find / -type f -size +500M # List all files opened by a particular command lsof -c dhcpd # Recover a deleted file grep -a -B 25 -A 100 'some string in the file' /dev/sda1 > results.txt # convert filenames in current directory to lowercase rename 'y/A-Z/a-z/' * # Find Duplicate Files (based on MD5 hash) find -type f -exec md5sum '{}' ';' | sort | uniq --all-repeated=separate -w 33 | cut -c 35- # Empty a file truncate -s0 file # Rename all .jpeg and .JPG files to have .jpg extension rename 's/.jpe?g$/.jpg/i' * # Convert all Flac in a directory to Mp3 using maximum quality variable bitrate for file in *.flac; do flac -cd "$file" | lame -q 0 --vbr-new -V 0 - "${file%.flac}.mp3"; done # List 10 largest directories in current directory du -hs */ | sort -hr | head # Count files beneath current directory (including subfolders) find . -type f | wc -l # move a lot of files over ssh rsync -az /home/user/test user@sshServer:/tmp/ # Add prefix onto filenames rename 's/^/prefix/' * # Files extension change rename .oldextension .newextension *.oldextension # Convert camelCase to underscores (camel_case) sed -r 's/([a-z]+)([A-Z][a-z]+)/1_l2/g' file.txt # Create directory named after current date mkdir $(date +%Y%m%d) # Tail -f at your own pace tail -fs 1 somefile # Get the 10 biggest files/folders for the current direcotry du -sk * |sort -rn |head # List complete size of directories (do not consider hidden directories) du -hs */
  24. 24. Page 24 # Recursively find top 20 largest files (> 1MB) sort human readable format find . -mount -type f -printf "%k %pn" | sort -rg | cut -d -f 2- | xargs -I {} du -sh {} | less # Find the 10 users that take up the most disk space sudo -s du -sm /Users/* | sort -nr | head -n 10 # Copy modification timestamp from one file to another. touch -r "source_file" "destination_file" # Top 15 processes with the largest number of open files lsof +c 15 | awk '{print $1}' | sort | uniq -c | sort -rn | head # LIST FILENAMES OF FILES CREATED TODAY IN CURRENT DIRECTORY ls -l --time-style=+%Y-%m-%d | awk "/$(date +'%Y-%m-%d')/ {print $7}" # count files by type ls | tr [:upper:] [:lower:] | grep -oP '.[^.]+$' | sort | uniq -c | sort # Create md5sum of a directory find -name .git -prune -o -type f -exec md5sum {} ; | sort -k2 | md5sum # Recursively search and replace old with new string, inside every instance of filename.ext find . -type f -name filename.exe -exec sed -i "s/oldstring/oldstring/g" {} +; # Print duplicate files find . -type f -print0 | xargs -0 -n1 md5sum | sort -k 1,32 | uniq -w 32 -d - -all-repeated=separate | sed -e 's/^[0-9a-f]* *//;' # Find Duplicate Files (based on size first, then MD5 hash) find . -type f -not -empty -printf "%-25s%pn"|sort -n|uniq -D -w25|cut -b26- |xargs -d"n" -n1 md5sum|sed "s/ /x0/"|uniq -D -w32|awk -F"0" 'BEGIN{l="";}{if(l!=$1||l==""){printf "n%s0",$1}printf "0%s",$2;l=$1}END{printf "n"}'|sed "/^$/d" # List files and sizes find / -type f -exec wc -c {} ; | sort -nr | head -100 # Print all open regular files sorted by the number of file handles open to each. lsof -a -d 1-99 -Fn / | grep ^n | cut -b2- | sort | uniq -c | sort -n # underscore to camelCase echo "hello_world" | sed -r 's/([a-z]+)_([a-z])([a-z]+)/1U2L3/' # Copy a file over the network with 3 bounces cat file.orig | ssh user1@host1 "ssh user2@host2 "ssh user3@server3 'cat >file.dest'"" # Regex or egrep expr1|expr2 file # find all symlinks to a file find / -lname path/to/foo.txt
  25. 25. Page 25 # sort a csv file according to a particular n th field numerically (quicker than excel) sort -t"," -n -k5 file.csv # according to the 5th field NUMERICALLY!! # rename files (in this case pdfs) numerically in date order find . -name "*.pdf" -print0 | xargs -r0 stat -c %y %n | sort|awk '{print $4}'|gawk 'BEGIN{ a=1 }{ printf "mv %s %04d.pdfn", $0, a++ }' | bash # Create multiple files in a single command touch file{1,2,3,4,5}.sh # Recursive chmod all *.sh files within the current directory find ./ -name "*.sh" -exec chmod +x {} ; # Find all the files more than 10MB, sort in descending order of size and record the output of filenames and size in a text file. find . -size +10240k -exec ls -l {} ; | awk '{ print $5,"",$9 }'|sort -rn > message.out # Show duplicate lines in a file sort namesd.txt | uniq ?cd # Remove security limitations from PDF documents using QPDF qpdf --decrypt inputfile.pdf outputfile.pdf # Archive all files that have not been modified in the last days find /protocollo/paflow -type f -mtime +5 | xargs tar -cvf /var/dump- protocollo/`date '+%d%m%Y'_archive.tar` # Convert JSON to YAML catmandu convert JSON to YAML < file.json > file.yaml
  26. 26. Page 26 Comics # Use curl on Windows to bulk-download the Savitabhabhi Comic Strip (for Adults) for /L %%x in (1,1,16) do mkdir %%x & curl -R -e http://www.kirtu.com -o %%x/#1.jpg http://www.kirtu.com/toon/content/sb%x/english/sb%x_en_[001- 070].jpg # View the newest xkcd comic. curl -s 'xkcd.com' | awk -F" '/^<img/{printf("<?xml version="1.0"?>n<xkcd>n<item>n <title>%s</title>n <comment>%s</comment>n <image>%s</image>n</item>n</xkcd>n", $6, $4, $2)}' # View the newest xkcd comic. xkcd() { wget -qO- http://xkcd.com/ | sed -n 's#^<img src="(http://imgs.[^"]+)"s+title="(.+?)"salt.+$#eog "1"necho '"'2'#p" | bash ; } # Random Cyanide and Happiness comics from explosm.net cyanide(){ display "$(wget -q http://explosm.net/comics/random/ -O - | grep - Po 'http://www.explosm.net/db/files/Comics/*/[^"]+(png|jpg|jpeg)')"; } Other Fun # Rickroll your users when they sudo (doesn't work if ssh to MGTI but really funny if you set it to play "I'm looking at porn over here!" very loudly... Also. Must be in correct directory...find .bash_aliases echo "alias sudo="aplay annoyingsoundfile.ogg"" >> .bash_aliases

×