-------------------------------------------------------------------------------------
JOHLEM.net
https://johlem.net/V1/topics/cheatsheet.php
-------------------------------------------------------------------------------------

--- PENTEST
check .bash_history
check tmp directory

=========================FILE IDENTIFICATION
file backup.bz2
backup.bz2: bzip2 compressed data, block size = 400k

========================UNCOMPRESSION
tar -xf archive.tar.xz
tar -xjf test.tbz
tar -zxvf backup.tgz
gunzip -c backup.tgz | tar xvf -
bzip2 -d filename.bz2
bunzip2 backup.bz2
cpio -idv < ../new.cpio
cpio -idv --no-absolute-filenames < backup
strings backup
wget -c ftp://ftp.vim.org/pub/vim/unix/vim-8.1.tar.bz2 -O - | sudo tar -xj

=========================ENCRYPT/DECRYPT
# To encrypt the contents of the current working directory
tar -czf - * | openssl enc -e -aes256 -out secured.tar.gz
--
encrypt:
openssl enc -aes256 -k mypassword -in /tmp/backup.tar -out /tmp/backup.tar.enc
decrypt:
openssl enc -d -aes256 -k mypassword -in /tmp/backup.tar.enc -out /tmp/backup.tar
--
----- best way to do it: with salt
HowTo: Encrypt a File
# always use the -salt option
$ openssl enc -aes-256-cbc -salt -in file.txt -out file.txt.enc
HowTo: Decrypt a File
$ openssl enc -aes-256-cbc -d -in file.txt.enc -out file.txt
---

=========================DIRECTORY
The directory /tmp is cleaned up after each reboot.
The directory /var/tmp is not cleaned up after each reboot.
/etc/cron.daily/     # cron jobs that run daily are listed here

========================SEARCH
find /home -name .bash_history -exec grep -A 1 passwd {} \;
find . -name .bash_history -exec grep -A 1 '^passwd' {} \;

=====================USER
To see the list of logged-in users, type the who or w command:
saurus@proton:~$ who
results:
saurus   :0   2021-10-18 21:59 (:0)
To log out a user called elliot:
# pkill -KILL -u elliot
$ sudo pkill -KILL -u elliot

=====================CHECK WEBSITE
# check site SSL certificate dates:
echo | openssl s_client -connect www.johlem.net:443 2>/dev/null | openssl x509 -dates -noout
# results:
notBefore=Sep 14 02:19:26 2021 GMT
notAfter=Dec 13 02:19:25 2021 GMT

=====================MAC ADDRESS
# Generate a random MAC address:
openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//'
# generate a password:
openssl rand -base64 25
# results:
JiJzuyFMRxW9a0uqzaBPAovVB20XRAnYkA==

============================DESTROY
Securely destroy data on a given device, hugely faster than /dev/urandom.
This command generates a pseudo-random data stream using aes-256-ctr with a seed set by /dev/urandom. Redirect it to a block device for secure data scrambling.
openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt < /dev/zero > randomfile.bin

# to kill all processes on the server, root's too: // warning, don't do this!!!
pkill -KILL -u root
====================
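Added example for the FILE IDENTIFICATION and UNCOMPRESSION sections (this is not code from the cheat sheet). Instead of trusting the file extension, it reads the magic bytes with od to decide which of the cheat sheet's decompressors applies, and it lists the archive first and refuses members with absolute or ".." paths, the same hazard the cheat sheet's `--no-absolute-filenames` guards against for cpio. The function names are this example's own; `extract_archive` assumes GNU or BSD tar that auto-detects gzip/bzip2/xz and that a compressed stream wraps a tar archive, as in the cheat sheet's examples.

```shell
#!/bin/sh
# Added example: identify an archive by content, then extract it safely.
# Helper names (hex_at, identify_archive, extract_archive) are this example's own.

# Print COUNT bytes of FILE starting at OFFSET as lowercase hex, no separators.
hex_at() {  # hex_at FILE OFFSET COUNT
    od -An -tx1 -j "$2" -N "$3" "$1" 2>/dev/null | tr -d ' \n'
}

# Echo one of: gzip bzip2 xz zip cpio tar unknown  (exit 1 for unknown)
identify_archive() {
    case "$(hex_at "$1" 0 6)" in
        1f8b*)      echo gzip;  return 0 ;;   # gzip header 1f 8b
        425a68*)    echo bzip2; return 0 ;;   # "BZh"
        fd377a585a*) echo xz;   return 0 ;;   # fd 37 7a 58 5a 00
        504b0304*)  echo zip;   return 0 ;;   # zip local file header "PK\3\4"
        303730373031*|303730373032*|303730373037*)
                    echo cpio;  return 0 ;;   # cpio newc "070701", crc "070702", odc "070707"
    esac
    # POSIX ustar magic sits at offset 257, not at the start of the file
    if [ "$(hex_at "$1" 257 5)" = "7573746172" ]; then
        echo tar; return 0
    fi
    echo unknown
    return 1
}

# Extract FILE into DIR with the decompressor chosen from its content.
# Refuses tar members whose path is absolute or contains a ".." component.
extract_archive() {  # extract_archive FILE DIR
    kind=$(identify_archive "$1") || { echo "unrecognised archive: $1" >&2; return 1; }
    mkdir -p "$2"
    case "$kind" in
        gzip|bzip2|xz|tar)
            if tar -tf "$1" | grep -E '^/|(^|/)\.\.(/|$)' >/dev/null; then
                echo "refusing $1: a member path would escape $2" >&2
                return 1
            fi
            tar -xf "$1" -C "$2" ;;
        cpio) ( cd "$2" && cpio -idv --no-absolute-filenames < "$1" ) ;;
        zip)  unzip -q "$1" -d "$2" ;;
    esac
}
```

Usage: `extract_archive backup.tgz /tmp/out`. The listing pass costs one extra read of the archive, which is cheap next to writing files outside the target directory by accident.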
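Added example for the ENCRYPT/DECRYPT section (not the cheat sheet's own commands). It keeps the cheat sheet's advice to always use `-salt` and adds two things a practitioner would want: `-pbkdf2` with an explicit iteration count, so the passphrase is stretched rather than run through the legacy single-pass key derivation, and `-pass env:ENC_PASS`, so the passphrase is not visible in `ps` output the way `-k mypassword` is. Assumptions: OpenSSL 1.1.1 or later (for `-pbkdf2`), and the function names are this example's own.

```shell
#!/bin/sh
# Added example: salted, PBKDF2-derived AES-256-CBC file encryption round trip.
# Function names are this example's own. Passphrase is read from $ENC_PASS.

ITER=200000   # PBKDF2 iteration count; must be identical for encrypt and decrypt

# encrypt_file SRC DST
encrypt_file() {
    [ -n "$ENC_PASS" ] || { echo "ENC_PASS is not set" >&2; return 2; }
    openssl enc -aes-256-cbc -salt -pbkdf2 -iter "$ITER" \
        -pass env:ENC_PASS -in "$1" -out "$2"
}

# decrypt_file SRC DST  (the salt is read back from the "Salted__" header)
decrypt_file() {
    [ -n "$ENC_PASS" ] || { echo "ENC_PASS is not set" >&2; return 2; }
    openssl enc -d -aes-256-cbc -pbkdf2 -iter "$ITER" \
        -pass env:ENC_PASS -in "$1" -out "$2"
}

# is_salted FILE: 0 if FILE carries the 8-byte "Salted__" header openssl enc
# writes when -salt is used (or when -nosalt was not given)
is_salted() {
    [ "$(dd if="$1" bs=8 count=1 2>/dev/null)" = "Salted__" ]
}

# round_trip FILE: encrypt to FILE.enc, decrypt to FILE.dec, 0 if both match
round_trip() {
    encrypt_file "$1" "$1.enc" \
        && decrypt_file "$1.enc" "$1.dec" \
        && cmp -s "$1" "$1.dec"
}
```

Usage: `ENC_PASS='...' encrypt_file backup.tar backup.tar.enc`. Exporting the passphrase in the shell session still leaves it in that shell's environment, so set it only for the command or read it from a file with mode 0600 via `-pass file:`.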
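Added example for the CHECK WEBSITE section (not from the cheat sheet). Reading `notAfter=` by eye does not scale to a cron job, so this turns the same `s_client | x509` pipeline into a pass/fail check with `openssl x509 -checkend`, which exits non-zero when the certificate expires within the given number of seconds. It adds `-servername` so a virtual-hosted server returns the right certificate. Function names are this example's own; the host and port are whatever you pass in.

```shell
#!/bin/sh
# Added example: certificate expiry check built on openssl x509 -checkend.
# Function names are this example's own.

# fetch_cert HOST PORT OUTFILE: save the server's leaf certificate as PEM
fetch_cert() {
    echo | openssl s_client -connect "$1:$2" -servername "$1" 2>/dev/null \
        | openssl x509 -out "$3"
}

# cert_valid_for CERT DAYS: 0 if CERT is still valid DAYS days from now,
# 1 if it expires within that window or is already expired
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null
}

# report_cert CERT DAYS: print the dates the cheat sheet shows, then a verdict
report_cert() {
    openssl x509 -in "$1" -noout -dates
    if cert_valid_for "$1" "$2"; then
        echo "OK: certificate valid for more than $2 days"
    else
        echo "WARNING: certificate expires within $2 days (or has expired)"
        return 1
    fi
}

# check_site HOST PORT DAYS: fetch and report in one step
check_site() {
    cert=$(mktemp) || return 1
    fetch_cert "$1" "$2" "$cert" && report_cert "$cert" "$3"
    rc=$?
    rm -f "$cert"
    return $rc
}
```

Usage: `check_site www.johlem.net 443 30` returns non-zero when renewal is due, which is what a monitoring job needs.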