CLI Handbook¶
Goal¶
This is more or less a personal reference with useful CLI functions and commands.
Generally, everything is tested, but stuff breaks or changes with versions. Feedback or other recommendations are welcome!
The format is still work in progress and will change over time. Time will tell.
Things I try to focus on: - board tools prefered - one-liners - simplicity - reference to official docs - showing results
This is a living document! Tips are getting added, format changes, etc pp
Network¶
Check for open network port on host¶
Linux
Note: ss is being used on modern systems as netstat is deprecated.
# Specific Port (TCP/UDP)
ss -tupln | grep :443
# ON OLDER SYSTEMS
netstat -tupln | grep :443
or
netstat -anu | grep 51820 # TESTING
Windows/Powershell
TESTING
# TCP
Get-NetTCPConnection -State Listen
Get-NetTCPConnection -LocalPort 51820
# UDP
Get-NetUDPEndpoint | Where-Object { $_.LocalPort -eq 51820 }
Windows/Command Line
# TCP
netstat -an | findstr LISTENING
netstat -ano | findstr ":51820"
# UDP
netstat -ano -p udp | find ":51820"
TCP Connectivity¶
Linux/netcat
# LISTENER
nc -l -p 443
# SENDER
nc -vz example.com 443
Windows/Test-NetConnection
# LISTENER
$l=[Net.Sockets.TcpListener]::new([Net.IPAddress]::Any,443);$l.Start();$c=$l.AcceptTcpClient();$s=$c.GetStream();$b=New-Object byte[] 4096;while(($n=$s.Read($b,0,$b.Length)) -gt 0){[Console]::OpenStandardOutput().Write($b,0,$n)};$s.Close();$c.Close();$l.Stop()
# SENDER
Test-NetConnection -ComputerName "example.com" -Port 443
# SHORT
tnc example.com -port 443
UDP Connectivity¶
A way to check connectivity between hosts via UDP.
Linux - netcat
# LISTENER
nc -u -l -p 51820
# SENDER
echo "hello" | nc -u 192.168.1.50 51820
Windows - Powershell
# LISTENER
$u=New-Object System.Net.Sockets.UdpClient 51820;while($true){$r=$u.Receive([ref]([System.Net.IPEndPoint]::new([System.Net.IPAddress]::Any,0)));[Text.Encoding]::UTF8.GetString($r)|Write-Host}
# SENDER
$u=New-Object System.Net.Sockets.UdpClient; $d=[Text.Encoding]::UTF8.GetBytes("hello");$u.Send($d,$d.Length,"192.168.1.50",51820)
Show Routing Table¶
Windows/Command Line
route print
route PRINT | findstr 198.51.100.55
Host¶
Timer or timeout for command¶
Linux
timeout --signal=TERM --kill-after=5s 60s ping 127.1
Certificates¶
Fetch remote certificate¶
Linux/openssl
openssl s_client -connect uphillsecurity.com:443 -showcerts </dev/null
Follow all HTTP 301/302 redirects and show headers¶
Linux/curl
curl -L -v -o /dev/null http://uphillsecurity.com
Protocol Headers¶
Fetch remote protocol headers¶
Linux/curl
curl -sIL http://uphillsecurity.com
Hashing¶
Produce Hash¶
Linux
# FILE
sha256sum /path/file | cut -d' ' -f1
# STRING
printf %s 'hello' | sha256sum | cut -d' ' -f1
# OPTIONS sha256sum, md5sum, sha1sum, sha512sum
Windows
Powershell
Get-FileHash .\2025-01-03_00-55-22.png -Algorithm sha256 | fl
Algorithm : SHA256
Hash : 3F1F067ADC45E49128033561018CCB8C9B79C655A65700BC425F1171F9255711
Path : C:\Users\user\Documents\2025-01-03_00-55-22.png
# DEFAULT SHA256 -Algorithm SHA256|SHA1|SHA512|MD5
Commandline
certutil -hashfile ./2025-01-03_00-55-22.png sha256
SHA256 hash of ./2025-01-03_00-55-22.png:
3f1f067adc45e49128033561018ccb8c9b79c655a65700bc425f1171f9255711
CertUtil: -hashfile command completed successfully.
# OPTIONS: SHA256 to MD5/SHA1/SHA512
Random¶
Simple UFW Bulk Import¶
cat whitelist.txt
198.51.100.55
198.51.100.43
203.0.113.4
# SCRIPT.sh
while read ip; do
sudo ufw allow in on eth0 from $ip to 192.0.2.0/24 port 80 proto tcp
sudo ufw allow in on eth0 from $ip to 192.0.2.0/24 port 443 proto tcp
done < whitelist.txt
Later, find notes¶
- Firewall logs
- get headers for ssh, etc
- curl, get redirects