CATEGORIES

  1. System and Environment
  2. Network
  3. Public IP
  4. DNS Utilities
  5. Mounting Volumes
  6. General Linux Tips
  7. Ubuntu Tips
  8. Raspberry PI Tips
  9. Kali Tips
  10. Forensics Tools
  11. Western Digital NAS
  12. VMWare ESXi Tips
  13. NVIDIA Drivers
  14. AMD GPU Drivers

SYSTEM AND ENVIRONMENT

sudo hostnamectl set-hostname newHostName
id || (whoami && groups) 2>/dev/null
id -un
uname
uname -a
uname -r
uname -m
neofetch
inxi -F
w
last -aiF
lastb -adF
arch
lsb_release -rd
cat /proc/version
(cat /proc/version || uname -a ) 2>/dev/null
systemctl show-environment
env
set
uptime
lsblk
lsblk -f
lscpu
lsusb
lspci
lspci -vvv
lsmod
echo $SHELL
echo $HOME
reset
man commandName
tldr commandName
apropos commandName
systemd-analyze
systemd-analyze blame
systemd-analyze critical-chain

Manage physical (discrete) memory:

dmidecode -t memory
lsmem
lsmem -a
chmem -d 0x0000000878000000-0x000000087fffffff
chmem -e -b 271

History of commands:

history -c
history -r
set +o history
# history does not store this command
set -o history
history
!123
HISTTIMEFORMAT="%Y-%m-%d %T "
cat ~/.bash_history | fzf -i

Preventing a command from being logged in the history if it starts with a space character (~/.bashrc):

HISTCONTROL=ignoreboth

List all available commands, aliases, bash built-ins, bash keywords, and bash functions:

compgen -c
compgen -a
compgen -b
compgen -k
compgen -A function

Display kernel’s ring buffer messages being sent to the syslog since the last boot (human timestamp, watch as it happens, filter content, and clear buffer):

sudo dmesg -T
sudo dmesg -w
sudo dmesg | grep error
sudo dmesg | grep usb
sudo dmesg -c

List timers and services of the system:

systemctl list-timers --all
systemctl list-units --type=service
systemctl --all

Rootless services:

systemctl edit --force --full serviceName --user
systemctl start serviceName --user

Enable lingering (keeps the user's processes running after the user logs off):

loginctl show-user userName | grep Linger
loginctl enable-linger userName

Storage volume speed test:

sudo apt install hdparm -y
sudo hdparm -tv --direct /dev/sdc1

Inodes:

ls -i
stat fileName
df -i
sudo apt install inotify-tools -y
inotifywait -m -q -e modify /var/log/applicationLogs

Note: there is a Kernel module called fanotify that is capable of monitoring and intercepting filesystem events.

List users, list super-users, who is logged in, last logged-in users, the last login by user, and list all users and groups:

cat /etc/passwd | cut -d: -f1
awk -F: '($3 == "0") {print}' /etc/passwd
w
last
lastlog
for i in $(cut -d":" -f1 /etc/passwd 2>/dev/null);do id $i;done 2>/dev/null | sort
id userName

Get password policy:

grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs

Find files writeable by anybody or any group:

find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' 2>/dev/null | grep -v '/proc/' | grep -v $HOME | sort | uniq
for g in `groups`; do find \( -type f -or -type d \) -group $g -perm -g=w 2>/dev/null | grep -v '/proc/' | grep -v $HOME; done
find . -mindepth 1 -type f -name "*.zip"
find . -mindepth 1 -type f -name "*.zip" -printf x | wc -c
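
For review purposes, the world-writable search above is easier to act on when findings are classified. The following is an added example, not part of the original cheat sheet: it separates world-writable files, world-writable directories without the sticky bit, and sticky directories such as /tmp. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify world-writable entries under a directory.
#   FILE   <path>  regular file writable by "other"
#   DIR    <path>  world-writable directory without the sticky bit:
#                  any user can delete or replace other users' files in it
#   STICKY <path>  world-writable directory with the sticky bit (like /tmp)
audit_world_writable() {
    aw_root=${1:-.}
    {
        # -xdev keeps find on one filesystem, so /proc, /sys and network
        # mounts are skipped without extra grep filters.
        find "$aw_root" -xdev -type f -perm -0002 \
            -exec printf 'FILE %s\n' {} +
        find "$aw_root" -xdev -type d -perm -0002 ! -perm -1000 \
            -exec printf 'DIR %s\n' {} +
        find "$aw_root" -xdev -type d -perm -0002 -perm -1000 \
            -exec printf 'STICKY %s\n' {} +
    } 2>/dev/null | LC_ALL=C sort
}

# Number of findings that need attention (sticky directories excluded).
count_risky() {
    audit_world_writable "$1" | grep -cv '^STICKY ' || true
}

# Constructed sample tree for trying the audit; prints the tree's path.
build_sample_tree() {
    st=$(mktemp -d) || return 1
    mkdir -p "$st/app" "$st/uploads" "$st/scratch"
    : > "$st/app/config.ini"
    : > "$st/app/run.sh"
    chmod 755 "$st/app" "$st/app/run.sh"
    chmod 666 "$st/app/config.ini"   # world-writable file
    chmod 777 "$st/uploads"          # world-writable, no sticky bit
    chmod 1777 "$st/scratch"         # world-writable with sticky bit
    printf '%s\n' "$st"
}

# Usage:
#   tree=$(build_sample_tree); audit_world_writable "$tree"; rm -rf "$tree"
#   sudo sh -c '. ./audit.sh; audit_world_writable /'
```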

Read a specific line number from a file:

awk 'NR==50' fileName
sed '50!d' fileName

Running processes:

ps aux
ps -ef
pgrep -l ssh
pgrep -u root
top -n 1

Running processes with a given priority and changing the priority of the running process:

nice -n 3 script.sh
renice +1 -p PID
renice 5 -p PID

Note: PID is the process ID that can be found using the ps command. The priority range is from -20 (high priority) to +19 (low priority).

Reparent a running program to a new terminal:

sudo reptyr PID
sudo reptyr -s PID

List detailed information about all PCI buses and devices:

lspci

Configure and update Grub:

sudo nano /etc/default/grub
sudo os-prober
sudo update-grub

See also the configuration files inside /etc/grub.d/.

Adding net.ifnames=0 and biosdevname=0 to the Grub config makes the Linux kernel name interfaces like eth*.

GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"

Check out Clover as an alternative to Grub. It is especially good as a bootloader that runs from a thumb drive to quick-start an NVMe drive when an old BIOS firmware can’t boot directly from an NVMe.

Remove the welcome banner:

touch .hushlogin

Command-line calendar:

cal

Create a Linux password hash:

mkpasswd -m sha-512

Refresh the cloned instance/virtual machine:

apt purge cloud-init -y
apt install cloud-init -y
nano /etc/cloud/cloud.cfg
cloud-init clean
cloud-init init

Applications that work with core/distribution libraries to install software:

  • apt – Debian
  • pacman – Arch
  • yum – CentOS
  • dnf – Fedora
  • zypper – openSUSE
  • apk-tools – Alpine
  • snap – Ubuntu-based
  • flatpak – Multiple

Flatpak basic commands:

sudo apt install flatpak gnome-software-plugin-flatpak -y
flatpak remotes
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak remote-delete flathub
flatpak search firefox
flatpak update
flatpak list
flatpak list --app
flatpak history

Scheduling a shutdown:

shutdown -h 20
shutdown +20
shutdown -r 20
shutdown -r +20
shutdown -h 17:30

Canceling a scheduled shutdown:

shutdown -c

Managing processes with Supervisor:

sudo apt install supervisor -y
sudo systemctl enable --now supervisor
sudo nano /etc/supervisor/conf.d/appName.conf
[program:appName]
command=/path/to/your/app
autostart=true
autorestart=true
startretries=3
stderr_logfile=/var/log/appName.err.log
stdout_logfile=/var/log/appName.out.log
environment=HOME="/home/user",USER="myUser"
  • sudo supervisorctl reread
    • Reload the configuration without restarting the processes.
  • sudo supervisorctl update
    • Apply the updated configuration.
  • sudo supervisorctl start appName
    • Starts a process
  • sudo supervisorctl stop appName
    • Stops a process
  • sudo supervisorctl restart appName
    • Restarts a process
  • sudo supervisorctl restart all
    • Restarts ALL processes
  • sudo supervisorctl status
    • List all managed processes and their statuses
  • sudo supervisorctl tail appName
    • View logs for a specific process
  • sudo supervisorctl shutdown
    • Stop supervisor itself

NETWORK

hostname -I
ip address
ip route
ip neighbor
ip link
sudo ip route add default via 192.168.2.1 dev wlan0
sudo ip route add 10.0.0.0/24 via 192.168.2.1 dev eth0
sudo ip route del 10.0.0.0/24 via 192.168.2.1 dev eth0
ip route get 8.8.8.8
ip route get 8.8.8.8 fibmatch
ip route get 8.8.8.8 from 192.168.1.100 fibmatch
ip -4 -br a s dev eth0
ip route show scope host table all
ip route show scope link
ip route show scope global
ip route show table main
ip route show table local
ip route show table default
ip rule
nmcli device status
nmcli con show 
nmcli connection show SSID
nmcli connection show "Wired connection 1"
nmcli -g ip4.address,ip4.dns connection show SSID
ss --tcp
ss --udp
ss --listening
ss -ltn
arp -e
arp -a
systemd-resolve --status
resolvectl
sudo systemctl restart systemd-resolved
nslookup example.com
nslookup -type=ns example.com
nslookup -type=mx example.com
nslookup -type=aaaa example.com
nslookup -type=txt example.com
nslookup 8.8.4.4
netplan try
netplan apply
netplan generate

Measures the throughput of a network connection between the client and server:

iperf -s                   # for the server
iperf -c 10.0.0.1          # for the client

Check the process ID that is connected to a specific port and open ports:

lsof -i
lsof -i :22
(netstat -punta || ss -ntpu)
sudo ss -ltpn

Capture / Sniff TCP traffic:

tcpdump -D
tcpdump -i eth0 -c 10 host 8.8.4.4
tcpdump -i eth0 src host 8.8.4.4
tcpdump -i eth0 dst host 8.8.4.4
tcpdump -i eth0 net 10.10.10.0 mask 255.255.255.0
tcpdump -i eth0 net 10.10.10.0/24
tcpdump -i eth0 port 53
tcpdump -i eth0 host 8.8.4.4 and port 53
tcpdump -i eth0 port not 23 and not 22
tcpdump -w network_traffic.pcap
timeout 10 tcpdump

Changing network interfaces metric:

sudo apt install ifmetric -y
sudo ifmetric wlx70f11c1927ef 599
ip route

Manage network connections over CLI:

nmtui

Check the routing path using Trace Route (ICMP) and Trace Path (UDP):

traceroute 8.8.8.8
tracepath 8.8.8.8

Troubleshoot conntrack.

sudo apt install conntrack -y
sudo conntrack -L
sudo conntrack -L -p tcp
sudo conntrack -S
cat /proc/sys/net/netfilter/nf_conntrack_count
cat /proc/sys/net/netfilter/nf_conntrack_max

PUBLIC IP

curl https://ipinfo.io/ip
curl http://ipecho.net/plain
dig +short myip.opendns.com @resolver1.opendns.com
dig -4 +short myip.opendns.com @resolver1.opendns.com
dig -6 +short myip.opendns.com @resolver1.opendns.com

API TEST

Use HTTPie to query and visualize the HTTP headers.

sudo apt install httpie -y
http example.com

DNS UTILITIES

sudo apt install dnsutils -y
dig example.com
dig +trace example.com
whois example.com
nmcli dev show | grep 'IP4.DNS'
host example.com

Using Systemd Resolver.

systemd-resolve domain.com
systemd-resolve --status
systemd-resolve --flush-caches
sudo systemctl restart systemd-resolved

OR

resolvectl status
resolvectl flush-caches

To resolve any domain ending with .local to the same IP address:

sudo apt update && sudo apt install dnsmasq -y
echo 'address=/.local/10.10.10.100' | sudo tee -a /etc/dnsmasq.conf
echo 'server=8.8.8.8' | sudo tee -a /etc/dnsmasq.conf
echo 'server=1.1.1.1' | sudo tee -a /etc/dnsmasq.conf
sudo systemctl restart dnsmasq

The configuration above will resolve any domain that ends with .local to the IP 10.10.10.100. Any other name that does not match this pattern will be forwarded to the upstream servers for Google and CloudFlare, respectively.

Do not forget to change the system resolver (/etc/resolv.conf) to 127.0.0.1.


VOLUMES

Find mounted volumes in the system:

findmnt
findmnt -l

To list all Samba/Windows shares in your workgroup:

nmblookup -S WORKGROUP

List and connect to SMB shares:

smbclient -L \\\\192.168.1.10
smbclient \\\\192.168.1.10\\IPC$

Show the tree of hosts and shares in the Windows Network:

smbtree

Manually mounting a private share with write privileges given to the user:

sudo mount -t cifs -o username=${USER},password=${PASSWORD},uid=$(id -u),gid=$(id -g) //server-address/folder /mount/path/on/ubuntu

Mount anonymous shares from SMB locally with all users’ read and write privileges on boot:

//192.168.1.10/Public /home/user/Public cifs rw,username=geek,password=geek,noperm 0 0

List NFS exports (locally and remotely):

showmount -e
showmount -e 192.168.1.1

Check and repair file system:

sudo umount /dev/sdb1
sudo fsck -p /dev/sdb1
sudo mount /dev/sdb1

Note: the option -p will allow the tool to automatically repair problems that can be safely repaired without user intervention.

Using Bind Mount as a way to mount a directory in another directory (like an alias, a mirror or a mapping point):

sudo mount --bind /PATH/dataSource /PATH/mountLocation
sudo mount --rbind /PATH/dataSource /PATH/mountLocationRecursive

Check all real mounting points of the system:

sudo findmnt --real

GENERAL LINUX TIPS

Send messages to all active terminal sessions:

sudo wall "System under maintenance!"

Prevent a package from being upgraded:

sudo apt-mark hold packageName

Reverting hold above:

sudo apt-mark unhold packageName

App to get all hardware info:

sudo apt install -y hardinfo

Create a backup of a file while editing with Nano:

nano -B fileName

Basic Bash Expansions:

mkdir name{1..10}
mkdir name{a,b,c}

Ways to create a file with a certain size:

truncate -s 10M fileName
fallocate -l $((10*1024*1024)) fileName
head -c 10MB /dev/zero > fileName
head -c 10MB /dev/urandom > fileName
dd if=/dev/zero bs=10MB count=1 of=fileName
dd if=/dev/urandom bs=10MB count=1 of=fileName

Safely overwrite all unused space of the drive:

dd if=/dev/random of=big || rm big

Cleanly killing processes:

sudo kill -SIGTERM PID
sudo kill -SIGKILL PID
sudo kill -SIGSTOP PID

Overwrite files before deleting:

shred -f -n 5 -z -u -v filename

ARP Scan to find all devices in the network (replace wlan0 with the interface you want to perform the search):

sudo apt install arp-scan -y
sudo arp-scan --interface=wlan0 --localnet

Printing file content or output on the screen/terminal:

cat file.txt | more
cat file.txt | less
less file.txt

Shortcut to rename or copy a file, great for backup:

mv file.{conf,bkp}
cp file.{conf,local}

Execute a single command on many targets:

mkdir -p -v /home/josevnz/tmp/{dir1,dir2,dir3}

Making a temporary file/directory that is unique (excellent to prevent collision in automation scripts):

TMPFILE=$(mktemp) || exit 1
echo "Temporary file name $TMPFILE"
TMPDIR=$(mktemp -d) || exit 1
echo "Temporary directory name $TMPDIR"

Measuring latency between your device and another:

sudo apt install mtr
mtr google.com

Check the ports that your server is listening to:

netstat -lt
netstat -lu
netstat -nr
netstat -tulpn
netstat -s
netstat -tp
netstat -an | grep ":22"

Run a script to check if any shared outdated libraries are running on your server:

curl -s -L https://kernelcare.com/uchecker | sudo python
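
Piping a download straight into a root interpreter runs whatever the server returns at that moment. The following is an added example, not part of the original cheat sheet or of the uchecker project: it saves the script to disk for review and runs it only while it still matches a pinned SHA-256. The function names are hypothetical, and PINNED_SHA256 is a placeholder for the hash you record after reading the script.

```shell
#!/bin/sh
# Added example: fetch a remote script to disk, review it, pin its hash,
# and only then run it.

# fetch_for_review URL
# Downloads into a private temp directory (mode 700) over HTTPS only and
# prints "<sha256>  <path>" so the file can be read before anything runs.
fetch_for_review() {
    fr_dir=$(mktemp -d) || return 2
    curl --proto '=https' --tlsv1.2 -fsSL -o "$fr_dir/script" "$1" || return 2
    sha256sum "$fr_dir/script"
}

# run_verified FILE EXPECTED_SHA256 COMMAND [ARGS...]
# Runs "COMMAND ARGS... FILE" only if FILE still hashes to EXPECTED_SHA256.
# Returns 1 on a hash mismatch and 2 on a usage error or missing file.
run_verified() {
    [ "$#" -ge 3 ] || { echo "usage: run_verified FILE SHA256 COMMAND..." >&2; return 2; }
    rv_file=$1
    rv_expected=$2
    shift 2
    [ -f "$rv_file" ] || { echo "no such file: $rv_file" >&2; return 2; }
    rv_actual=$(sha256sum "$rv_file" | cut -d' ' -f1)
    if [ "$rv_actual" != "$rv_expected" ]; then
        echo "refusing to run $rv_file: sha256 $rv_actual does not match the pinned value" >&2
        return 1
    fi
    "$@" "$rv_file"
}

# Usage (PINNED_SHA256 is a placeholder, not a real value):
#   fetch_for_review https://kernelcare.com/uchecker   # prints hash and path
#   less /tmp/tmp.XXXXXX/script                         # read it first
#   run_verified /tmp/tmp.XXXXXX/script "$PINNED_SHA256" sudo python
```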

Alternative to wget (axel) with multiple connections:

axel -a -n 1 "https://example.com/file.zip"

Aria2 is another alternative to wget and axel. It resumes interrupted downloads, is capable of multiple threads, and handles torrents or metalinks.

aria2c -s8 "https://example.com/Linux.iso"
aria2c -s8 -c "https://example.com/Linux.iso"
aria2c --max-download-limit=1M "https://example.com/Linux.iso"
aria2c -d /path/downloaded/ "https://example.com/Linux.iso"
aria2c --http-proxy=http://proxy.com:8080 "https://example.com/Linux.iso"
aria2c -S linux.torrent
aria2c --select-file=6-8,10 linux.torrent

Automate the response of a repetitive prompt of an application or script (use it with caution):

yes | command
yes string | command

See also the command expect for more granular automation based on expected prompts and appropriate responses.

Record the whole session, including issued commands, their outputs, and prompts. It is saved to a file that can be replayed for audit:

script --timing=record.Times record.Output

To end the recorded session, type exit.

scriptreplay --timing=record.Times record.Output
scriptreplay --timing=record.Times --speed 2 record.Output
scriptreplay --timing=record.Times --speed 0.5 record.Output

You just used a command without using “sudo” first. Try this:

ufw status
sudo !!

Or if the command was incomplete.

sudo apt
!! update

Reuse the last word from the previous command on the next:

mkdir directoryName
cd !$

Adding one user to many groups:

sudo usermod -aG group1,group2,group3 user

Removing a user from a group:

sudo gpasswd -d user groupName

Changing the home directory and moving its content for a user:

usermod -d /home/newHome --move-home userName

Showing the user’s password expiration information:

chage -l userName

Changing the user’s password expiration (maximum password age in days) and the account expiration date:

sudo chage -M 90 userName
sudo chage -E 2030-12-31 userName

Watch multiple log files at the same time (alternative to tail -f):

sudo apt install multitail -y
multitail kern.log syslog

Watch for a directory, file, or any other command every second:

watch -n 1 "ls -l"

Search for an application:

which nmap
whatis nmap
dpkg --get-selections
dpkg -l | grep sshfs
rpm -qa | grep sshfs

Install compilers and kernel headers to meet the application’s installation requirements:

sudo apt install gcc make build-essential linux-headers-$(uname -r) -y

List kernel modules installed:

modprobe -h

Install and run 7-Zip to extract a .7z file:

sudo apt install p7zip p7zip-full p7zip-rar -y
7z e file.7z

Listing the content of a ZIP file:

zipinfo -1 file.zip
unzip -l file.zip

Mounting an archive file as a read-only volume.

archivemount fileName.tar.gz /Path/MountingPoint

Place an executable file in this folder to be accessible from anywhere and by any user:

echo $PATH
mv script.sh /usr/local/bin

See the history of the commands.

history

Check what the current user is allowed to execute with sudo.

sudo -l

Allow users to use the command sudo without a password prompt.

sudo nano /etc/sudoers.d/userName

And add the following:

userName ALL=(ALL) NOPASSWD: ALL

Keep sudo without prompting for a password during the session:

sudo -l

Check out the command run0 as an alternative to sudo.

run0 commandName

Lock and unlock users:

usermod -L userNameToLock
usermod -U userNameToUnlock

OR

passwd -l userNameToLock
passwd -u userNameToUnlock

Creating directory symbolic link:

ln -d -s /targetFile /symbolicLinkName

Getting the destination of a symbolic link:

readlink -m symbolicLinkName

Transform piped input into arguments for a command:

ls | xargs cat

Going to the home directory of a user:

cd ~userName

Removing the repeated values and returning the unique ones:

cat listOfItems.txt | sort | uniq

Piping output to clipboard:

echo "hi" | xclip

Coding and decoding BASE64:

echo "ABC" | base64
echo "QUJDCg==" | base64 -d
base64 <<< "ABC" 
base64 -d <<< "QUJDCg=="

Define variables in Bash, then use them in commands:

export ip=10.0.0.1 port=53
nc -v $ip $port -e /bin/bash

Create an alias for a command (add to ~/.bash_aliases):

alias ll="ls -l"

Cutting and merging videos with FFMPEG:

ffmpeg -i video1.mp4 -ss 00:01 -to 01:18 output_1.mp4
ffmpeg -i video2.mp4 -ss 00:02 -to 01:01 output_2.mp4
ffmpeg -f concat -i list.txt -c copy output_merged.mp4

The list.txt would contain a list of the files to be merged as follows:

file output_1.mp4
file output_2.mp4

Change the default start mode to VMs in VirtualBox to headless:

VBoxManage modifyvm "vm name" --defaultfrontend headless
VBoxManage setproperty defaultfrontend headless

Run an application or script in the background but detached from the terminal or shell:

nohup appToRunInBg.sh &

If you have started jobs in the background but need to detach them from your terminal session:

disown jobId

Using the < operator. Inputting the content of a file to a command:

cat < fileName.txt

Using the << operator. It is excellent for scripting commands:

telnet server.com << EOL
firstCommand
secondCommand
EOL

Temporary file systems (tmpfs)

  • /dev/shm
    • always tmpfs (RAM).
  • /tmp
    • on-disk but can be tmpfs, and does not retain files on reboots.
  • /var/tmp
    • never on tmpfs, retains files on reboots.

Automation of X via command line:

sudo apt install xautomation -y
xte "str Hello!"
xte "key Return"
xte "keydown Control_L"
xte "keyup Control_L"

Converting Markdown to PDF:

pandoc -o new.pdf original.md

Manipulating PDF files:

sudo apt install qpdf -y
qpdf --empty --pages cover.pdf pages*.pdf -- combined.pdf
qpdf --empty --pages book-one.pdf 2-7 book-two.pdf 3,5 -- selected-pages.pdf
qpdf book.pdf book-page.pdf --split-pages          # output file names: book-page-1.pdf book-page-2.pdf ...
qpdf --rotate=+90:1 original.pdf rotated.pdf
qpdf --encrypt viewPassword editPassword 256 -- not-encrypted.pdf encrypted.pdf
qpdf --decrypt --password=viewPassword encrypted.pdf not-encrypted.pdf
    • It refers to the standard input of the shell if data is being piped.
  • --empty
    • Tells qpdf to not expect an input file and to use piped data. Requires using .
  • --encrypt
    • requires two password entries: for a viewer and for an editor. Both can be the same, but if different, they will obey the security restrictions.

Emulate a KVM (keyboard + video + mouse) switch to control multiple systems [Link].

Generate the 6-digit TOTP from a seed directly from the command line.

oathtool --totp -b SEED

Similar to > writing to a file, but sponge buffers all its input until it ends, then writes it at once. Important when multiple processes are simultaneously writing to the same file.

sudo apt install moreutils -y
cat read.data | sponge write.data

Crawl and copy/mirror a website.

wget --mirror --convert-links --adjust-extension --page-requisites --no-parent -P exampleBackup https://example.com/path/

Rename multiple files and directories in a text editor.

sudo apt install moreutils -y
vidir

UEFI Firmware Upgrade

sudo apt update
sudo apt install fwupd -y
sudo fwupdmgr refresh --force
sudo fwupdmgr get-updates
sudo fwupdmgr update

Upload all files from the current directory to FTP.

sudo apt install lftp -y
lftp -u user,pass 192.168.0.10 -p 2221
> mput *

UBUNTU TIPS

Remove auto-mounted icons from the dock:

gsettings set org.gnome.shell.extensions.dash-to-dock show-mounts false

A very dangerous tool to configure your Gnome desktop (like Regedit on Windows):

sudo apt install dconf-editor -y

Find, enable, and disable the backlight of the keyboard (brightness from 0 to 3):

find /sys/class/leds -name '*kbd_backlight'
echo 2 | sudo tee /sys/class/leds/dell::kbd_backlight/brightness
echo 0 | sudo tee /sys/class/leds/dell::kbd_backlight/brightness

Set timeout for the keyboard backlight (in seconds):

sudo nano /sys/devices/platform/dell-laptop/leds/dell::kbd_backlight/stop_timeout

Setting the timezone and adjusting the clock:

sudo timedatectl set-timezone America/Toronto
sudo date +%T -s "23:59:59"
sudo date +%Y%m%d -s "20220110"

Install ClipGrab (video download tool) in Ubuntu 20.04 (from the Bionic repository):

sudo add-apt-repository ppa:clipgrab-team/ppa    # edit the repository list and change distribution from focal to bionic
sudo apt update && sudo apt install clipgrab -y

Change behavior when the laptop lid is closed in Ubuntu 20.04:

sudo gedit /etc/systemd/logind.conf
HandleLidSwitch=lock/ignore/poweroff/hibernate
systemctl restart systemd-logind.service

Check the integrity of installed DEB packages and their dependencies.

sudo apt install debsums -y
debsums nano
rdebsums nano

Allow the Ubuntu 20.04 system to Hibernate:

sudo systemctl hibernate

RASPBERRY PI TIPS

Set a different user to be the default auto login for Raspbian (autologin-user=pi, change pi to your desired username):

nano /etc/lightdm/lightdm.conf

List all USB devices connected to your machine:

lsusb

Removing line 8 from a text file:

sed -i '8d' ~/.ssh/known_hosts

Redirect output to null (useful with crontab):

> /dev/null 2>&1

Install all .deb files from the directory:

sudo dpkg -i *.deb

See used space in disk and RAM (try each and see how it works):

sudo free
sudo df -h
sudo du -sh /
sudo du -sh /*
sudo du -had 1 . | sort -rh
sudo du -Sh / | sort -rh | head -5
sudo ncdu /

See progress while copying or transferring big files:

pv file.zip > /tmp/file.zip

Block ping response in Ubuntu/Debian:

sudo nano /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all = 1
sudo sysctl -p

Online services to test your server’s IPv6 connectivity:

https://tools.keycdn.com/ipv6-ping
https://ipv6-test.com/validate.php

Keyboard-oriented web browser for the CLI:

sudo apt install lynx -y
lynx http://www.google.com
sudo apt install links -y
links http://example.com

Converting images in batches:

mogrify -format jpg *.png

Batch resizing images.

mogrify -resize x400 *.jpeg

OR

mkdir -p resized && mogrify -path resized -resize x400 *.jpeg

Converting iPhone’s .HEIC images to .JPG:

sudo apt install libheif-examples -y
for i in *.HEIC; do heif-convert "$i" "${i%.HEIC}.jpg"; done

OR

sudo apt install libheif-examples -y
ls *.HEIC | xargs -n 1 -P 5 sh -c 'heif-convert "$1" "${1%.HEIC}.jpg"' _

Converting iPhone’s .MOV videos to .MP4:

sudo apt install ffmpeg -y
ls *.MOV | xargs -n 1 -P 5 -I {} bash -c 'ffmpeg -y -i "$1" -map_metadata 0 -movflags +faststart -c:v libx264 -crf 18 -preset slow -c:a aac -b:a 192k "${1%.*}.mp4"' _ {}

Returning to the previous directory:

cd -
pushd /var
...
popd

Matrix screensaver on terminal:

sudo apt install cmatrix -y
cmatrix

Print input in columns:

mount | column -t

Terminal shortcuts:

  • ctrl+l – Clear screen.
  • ctrl+u – Clear line.
  • ctrl+r – Search in the history of commands.

KALI TIPS

Switches on and off a theme that makes Kali look like Windows 10 to “hide in plain sight”.

kali-undercover

Fixing Kali issue after Upgrade:

sudo apt install xfce4-settings -y

Manage the GNOME keyring:

sudo apt install seahorse -y

Then, go to the start menu and search for Passwords and Keys.

Disabling hardware beep (consider adding to /etc/rc.local):

#!/bin/bash
rmmod pcspkr
exit 0

Create the service file /etc/systemd/system/rc-local.service:

[Unit]
 Description=/etc/rc.local Compatibility
 ConditionPathExists=/etc/rc.local

[Service]
 Type=forking
 ExecStart=/etc/rc.local start
 TimeoutSec=0
 StandardOutput=tty
 RemainAfterExit=yes
 SysVStartPriority=99

[Install]
 WantedBy=multi-user.target

Flag as executable and enable the service on boot:

sudo chmod +x /etc/rc.local
sudo systemctl enable rc-local

Adjusting the vertical and horizontal position of the display:

xrandr
xrandr --output DP-1-3 --panning 1920x1080 --transform 1,0,-4,0,1,-5,0,0,1

The first command shows the names of the displays; then replace DP-1-3 with the desired display to adjust.

Full upgrade:

sudo apt update && sudo apt full-upgrade -y
[ -f /var/run/reboot-required ] && sudo reboot -f

Userspace Reboot (aka Soft Reboot) operation restarts everything except the kernel and firmware:

sudo systemctl soft-reboot

Manage handlers for Lid, power, and other switches:

sudo nano /etc/systemd/logind.conf

Remote Desktop

sudo apt install -y novnc x11vnc
x11vnc -display :0 -autoport -localhost -nopw -bg -xkb -ncache -ncache_cr -quiet -forever
/usr/share/novnc/utils/launch.sh --listen 8081 --vnc localhost:5900
ss -antp | grep vnc

Create an SSH tunnel for the VNC:

ssh userName@serverAddress -L 5900:localhost:5900

Some PDF applications pre-installed in Kali:

pdftotext fileName.pdf output.txt
pdftohtml fileName.pdf output.html

FORENSICS TOOLS

Safely erase files in Linux with BleachBit (also available for Windows):

sudo apt install bleachbit -y
sudo bleachbit

=> Windows version available at https://www.bleachbit.org/.
=> Alternative, Eraser available at https://eraser.heidi.ie/.

Encrypt system, disk, and volumes in Windows:

VeraCrypt available at https://www.veracrypt.fr/.

Create 1GB file for download or any other test:

sudo dd if=/dev/zero of=1gb.zip bs=1 count=0 seek=$[1024*1024*1024]

Using DD to write an ISO file to a USB drive:

sudo dd bs=4M if=file.iso of=/dev/sdX conv=fdatasync status=progress

OR

sudo dd if=Downloads/file.iso of=/dev/sdX bs=1M status=progress

WESTERN DIGITAL NAS

Mount WD MyCloud Home in Linux manually:

sudo mount -t cifs //mycloud/Public /home/user/MyCloud/ -o username=geek,password=geek,uid=$(id -u),gid=$(id -g),forceuid,forcegid

Mount WD MyCloud Home in Linux automatically via /etc/fstab:

//mycloud/Public /home/user/MyCloud/ cifs username=geek,password=geek,iocharset=utf8,file_mode=0777,dir_mode=0777

WORKING WITH STRINGS AND FILES

Count the number of lines and the length of the longest line in a file:

wc -l /directory/file.txt
wc -L /directory/file.txt

Search for files that contain the “text”:

grep -l 'text' *.*

Search for a ‘text’ in compressed files:

zcat fileName.gz | grep -l 'text'
zgrep -l 'text' *.*

See also zmore, zless, and zdiff.

Look for the position and line of an occurrence of a byte (in hex) that happens in a file:

grep -aob $'\x9d' fileName.txt
sed -n '/\x9d/=' fileName.txt

Grep with inverted match (returns if not match to the pattern):

cat fileName | grep -v 'string'

Searching for a file:

grep -R 'password' --include='*.py' --color /path

Print the content in reverse order of the lines:

tac file.txt

Wrap up the output to fit in a specified width (default: 80 columns):

fold file.txt
fold -w60 file.txt
fold -s file.txt

Comparing files:

diff file1.txt file2.txt

Gathering information about a file:

file file.zip
stat file.txt

Print the content of a binary file:

strings binaryFile

Looking inside binary files expressed in hex format:

xxd binaryFile
xxd -s 0x000123abc binaryFile | head -n 5

Note: in the second example, it seeks the provided offset and only prints 5 lines. It is particularly useful when searching for the content in a specific position that is in the middle of the file and perhaps broke an application/script.

Print numbers from 1 to 10 separated by a space:

echo {1..10}

Usage of cut: -d " " sets the delimiter between columns to the space character, and -f 4 selects the column you want to retrieve.

echo "a b c d e f g" | cut -d " " -f 4

Usage of tr: -d " " deletes the spaces; " " "\n" replaces spaces with the return key (next line); [a-z] [A-Z] or [:lower:] [:upper:] replaces each lowercase letter with its uppercase; -s "a" squeezes the repeated characters, leaving only one occurrence; -cd [:digit:] leaves only the digits, while -d [:digit:] removes the digits.

echo "a b" | tr -d " "
echo "a b" | tr " " "\n"
echo "a b" | tr '[a-z]' '[A-Z]'
echo "a b" | tr '[:lower:]' '[:upper:]'
echo "aaa" | tr -s "a"
echo "a1b" | tr -cd '[:digit:]'
echo "a1b" | tr -d '[:digit:]'

Inverting the order of characters:

echo "ABC" | rev

VMWARE ESXi TIPS

Enabling external USB drives to become datastores:

/etc/init.d/usbarbitrator stop
chkconfig usbarbitrator off
ls /dev/disks/

Preparing the disk:

partedUtil mklabel /dev/disks/mpx.vmhba33:C0:T0:L0 gpt
eval expr $(partedUtil getptbl /dev/disks/mpx.vmhba33:C0:T0:L0 | tail -1 | awk '{print $1 " \\* " $2 " \\* " $3}') - 1
partedUtil setptbl /dev/disks/mpx.vmhba33:C0:T0:L0 gpt "1 2048 9999999999 AA31E02A400F11DB9590000C2911D1B8 0"
vmkfstools -C vmfs6 -S USB-Datastore /dev/disks/mpx.vmhba33:C0:T0:L0:1

Note: the mpx.vmhba33:C0:T0:L0 shall be replaced with the local USB direct access of your disk, and 9999999999 with the last sector calculated by the second command.


NVIDIA DRIVERS

Check the model, add the repositories, and run the installation.

lspci | grep -iE "3d|display|vga" | grep -i nvidia

Newer Hardware

sudo apt install nvidia-detect -y
sudo nvidia-detect

If a driver is available for the hardware on the present system, an installation command will be presented. Most likely this.

sudo apt install nvidia-driver -y && sudo reboot

Older Hardware

It is strongly recommended to disable the open-source kernel module nouveau, which is frequently a cause of conflict with the ones provided by NVIDIA.

echo 'blacklist nouveau' | sudo tee /etc/modprobe.d/blacklist-nouveau.conf
echo 'options nouveau modeset=0' | sudo tee -a /etc/modprobe.d/blacklist-nouveau.conf
sudo update-initramfs -u && sudo reboot

Check first if the specific model has an installer at the official NVIDIA website.

For some modules, the following might be the installation route.

sudo sed -i 's/main/main non-free contrib/g' /etc/apt/sources.list

Or

sudo sed -i 's/main/main non-free contrib/g' /etc/apt/sources.list.d/debian.sources

Or

sudo apt-add-repository contrib && sudo apt-add-repository non-free && sudo apt update

Drivers for legacy/old hardware can be installed as follows. See examples.

sudo apt install --no-install-recommends nvidia-tesla-535-driver nvidia-tesla-535-kernel-dkms nvidia-smi -y

Or

sudo apt install nvidia-legacy-390xx-driver nvidia-smi -y

Or

apt-get install nvidia-driver-pinning-580 nvidia-smi -y

Reboot and check.

sudo reboot
sudo lsmod | grep nvidia
sudo nvidia-smi

Hold (lock) the package to prevent upgrade.

sudo apt-mark hold nvidia-legacy-390xx-driver

If it is intended for use with Docker and GPU workloads.

curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg
curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list
sudo apt-get update
sudo apt-get install -y nvidia-container-toolkit
sudo systemctl restart docker

 


AMD GPU Drivers

wget https://repo.radeon.com/amdgpu-install/latest/ubuntu/noble/amdgpu-install_6.2.60202-1_all.deb
sudo dpkg -i amdgpu-install*.deb
sudo apt update && sudo apt upgrade -y
sudo amdgpu-install -y --accept-eula --opencl=rocr --opengl=mesa --vulkan=pro

Checking installation:

sudo dmesg | grep -i amdgpu
sudo lshw -c video