Kali Linux Command Set

Source: Internet
Author: User

System Information
arch    display the processor architecture of the machine (1)
uname -m    display the processor architecture of the machine (2)
uname -r    display the kernel version in use
dmidecode -q    display hardware system components (SMBIOS/DMI)
hdparm -i /dev/hda    list the architecture characteristics of a disk
hdparm -tT /dev/sda    perform a test read operation on the disk
cat /proc/cpuinfo    display CPU information
cat /proc/interrupts    display interrupts
cat /proc/meminfo    verify memory usage
cat /proc/swaps    show which swap areas are in use
cat /proc/version    display the kernel version
cat /proc/net/dev    display network adapters and statistics
cat /proc/mounts    display the mounted file systems
lspci -tv    list PCI devices
lsusb -tv    display USB devices
date    display the system date
cal 2007    display the calendar for 2007
date 041217002007.00    set the date and time (MonthDayHoursMinutesYear.Seconds)
clock -w    save the time change to the BIOS

Shutdown (System shutdown, restart, and logout)
shutdown -h now    shut down the system (1)
init 0    shut down the system (2)
telinit 0    shut down the system (3)
shutdown -h hours:minutes &    shut down the system at a scheduled time
shutdown -c    cancel a scheduled shutdown
shutdown -r now    restart (1)
reboot    restart (2)
logout    log out

Files and directories
cd /home    enter the '/home' directory
cd ..    go up one directory level
cd ../..    go up two directory levels
cd    go to your home directory
cd ~user1    go to user1's home directory
cd -    return to the previous directory
pwd    display the working directory path
ls    view the files in the directory
ls -F    view the files in the directory
ls -l    display details of files and directories
ls -a    show hidden files
ls *[0-9]*    display file and directory names that contain digits
tree    display files and directories as a tree starting from the root directory (1)
lstree    display files and directories as a tree starting from the root directory (2)
mkdir dir1    create a directory called 'dir1'
mkdir dir1 dir2    create two directories at once
mkdir -p /tmp/dir1/dir2    create a directory tree
rm -f file1    delete a file called 'file1'
rmdir dir1    delete a directory called 'dir1'
rm -rf dir1    delete a directory called 'dir1' together with its contents
rm -rf dir1 dir2    delete two directories together with their contents
mv dir1 new_dir    rename/move a directory
cp file1 file2    copy a file
cp dir/* .    copy all files in a directory to the current working directory
cp -a /tmp/dir1 .    copy a directory to the current working directory
cp -a dir1 dir2    copy a directory
ln -s file1 lnk1    create a soft (symbolic) link to a file or directory
ln file1 lnk1    create a hard link to a file or directory
touch -t 0712250000 file1    modify the timestamp of a file or directory (YYMMDDhhmm)
file file1    output the MIME type of the file as text
iconv -l    list the known encodings
iconv -f fromEncoding -t toEncoding inputFile > outputFile    create a new file from the given input file by assuming it is encoded in fromEncoding and converting it to toEncoding
find . -maxdepth 1 -name '*.jpg' -print -exec convert "{}" -resize 80x60 "thumbs/{}" \;    batch resize files in the current directory and send them to a thumbnails directory (requires convert from ImageMagick)

File Search
find / -name file1    search for files and directories starting from the root file system '/'
find / -user user1    search for files and directories belonging to user 'user1'
find /home/user1 -name \*.bin    search the directory '/home/user1' for files ending in '.bin'
find /usr/bin -type f -atime +100    search for executable files that have not been used in the last 100 days
find /usr/bin -type f -mtime -10    search for files created or modified within the last 10 days
find / -name \*.rpm -exec chmod 755 '{}' \;    search for files ending in '.rpm' and set their permissions
find / -xdev -name \*.rpm    search for files ending in '.rpm', ignoring removable devices such as optical drives, flash drives, etc.
locate \*.ps    look for files ending in '.ps' (run the 'updatedb' command first)
whereis halt    show the location of a binary file, source code, or man page
which halt    display the full path of a binary or executable file

Mounting a file system
mount /dev/hda2 /mnt/hda2    mount a disk called hda2 (make sure the directory '/mnt/hda2' already exists)
umount /dev/hda2    unmount a disk called hda2 (leave the mount point '/mnt/hda2' first)
fuser -km /mnt/hda2    force the unmount when the device is busy
umount -n /mnt/hda2    unmount without writing the /etc/mtab file; useful when the file is read-only or the disk is full
mount /dev/fd0 /mnt/floppy    mount a floppy disk
mount /dev/cdrom /mnt/cdrom    mount a CD-ROM or DVD-ROM
mount /dev/hdc /mnt/cdrecorder    mount a CD-RW or DVD-ROM
mount /dev/hdb /mnt/cdrecorder    mount a CD-RW or DVD-ROM
mount -o loop file.iso /mnt/cdrom    mount a file or ISO image file
mount -t vfat /dev/hda5 /mnt/hda5    mount a Windows FAT32 file system
mount /dev/sda1 /mnt/usbdisk    mount a USB drive or flash device
mount -t smbfs -o username=user,password=pass //WinClient/share /mnt/share    mount a Windows network share

Disk space
df -h    display a list of the mounted partitions
ls -lSr | more    list files and directories sorted by size
du -sh dir1    estimate the disk space used by directory 'dir1'
du -sk * | sort -rn    display files and directories sorted by size
rpm -q -a --qf '%10{SIZE}\t%{NAME}\n' | sort -k1,1n    show the space used by installed RPM packages, sorted by size (Fedora, Redhat and similar systems)
dpkg-query -W -f='${Installed-Size;10}\t${Package}\n' | sort -k1,1n    show the space used by installed deb packages, sorted by size (Ubuntu, Debian and similar systems)

Users and Groups
groupadd group_name    create a new user group
groupdel group_name    delete a user group
groupmod -n new_group_name old_group_name    rename a user group
useradd -c "Name Surname" -g admin -d /home/user1 -s /bin/bash user1    create a user who belongs to the "admin" user group
useradd user1    create a new user
userdel -r user1    delete a user ('-r' also removes the home directory)
usermod -c "User FTP" -g system -d /ftp/user1 -s /bin/nologin user1    modify a user's attributes
passwd    change your password
passwd user1    change a user's password (root only)
chage -E 2005-12-31 user1    set the expiration date for the user's password
pwck    check the file format and syntax of '/etc/passwd' and that the users exist
grpck    check the file format and syntax of '/etc/group' and that the groups exist
newgrp group_name    log in to a new group to change the default group of newly created files

Permissions on files (use "+" to set a permission, "-" to remove it)
ls -lh    display permissions
ls /tmp | pr -T5 -W$COLUMNS    divide the terminal output into 5 columns
chmod ugo+rwx directory1    give the owner (u), group (g) and others (o) read (r), write (w) and execute (x) permissions on the directory
chmod go-rwx directory1    remove read, write and execute permissions on the directory from the group (g) and others (o)
chown user1 file1    change the owner of a file
chown -R user1 directory1    change the owner of a directory and of all the files it contains
chgrp group1 file1    change the group of a file
chown user1:group1 file1    change the owner and group of a file
find / -perm -u+s    list all files on the system that have the SUID bit set
chmod u+s /bin/file1    set the SUID bit on a binary file; the user who runs the file gets the same permissions as the owner
chmod u-s /bin/file1    disable the SUID bit on a binary file
chmod g+s /home/public    set the SGID bit on a directory; similar to SUID, but for directories
chmod g-s /home/public    disable the SGID bit on a directory
chmod o+t /home/public    set the sticky bit on a directory; only the legitimate owners may delete files
chmod o-t /home/public    disable the sticky bit on a directory

Special attributes on files (use "+" to set an attribute, "-" to remove it)
chattr +a file1    allow the file to be written only in append mode
chattr +c file1    allow the file to be compressed/decompressed automatically by the kernel
chattr +d file1    make the dump program ignore this file during a file system backup
chattr +i file1    make the file immutable: it cannot be deleted, modified, renamed or linked
chattr +s file1    allow the file to be deleted securely
chattr +S file1    once an application writes to this file, the system immediately writes the change to disk
chattr +u file1    if the file is deleted, the system allows you to recover it later
lsattr    display special attributes

Packaging and compressing files
bunzip2 file1.bz2    decompress a file called 'file1.bz2'
bzip2 file1    compress a file called 'file1'
gunzip file1.gz    decompress a file called 'file1.gz'
gzip file1    compress a file called 'file1'
gzip -9 file1    compress with maximum compression
rar a file1.rar test_file    create an archive called 'file1.rar'
rar a file1.rar file1 file2 dir1    compress 'file1', 'file2' and the directory 'dir1' together
rar x file1.rar    extract a rar archive
unrar x file1.rar    extract a rar archive
tar -cvf archive.tar file1    create an uncompressed tarball
tar -cvf archive.tar file1 file2 dir1    create an archive containing 'file1', 'file2' and 'dir1'
tar -tf archive.tar    display the contents of an archive
tar -xvf archive.tar    extract an archive
tar -xvf archive.tar -C /tmp    extract an archive into the /tmp directory
tar -cjvf archive.tar.bz2 dir1    create an archive compressed with bzip2
tar -xjvf archive.tar.bz2    extract an archive compressed with bzip2
tar -czvf archive.tar.gz dir1    create an archive compressed with gzip
tar -xzvf archive.tar.gz    extract an archive compressed with gzip
zip file1.zip file1    create a zip archive
zip -r file1.zip file1 file2 dir1    compress several files and directories into one zip archive
unzip file1.zip    extract a zip archive

RPM packages (Fedora, Redhat and similar systems)
rpm -ivh package.rpm    install an RPM package
rpm -ivh --nodeps package.rpm    install an RPM package and ignore dependency warnings
rpm -U package.rpm    update an RPM package without changing its configuration files
rpm -F package.rpm    update an RPM package only if it is already installed
rpm -e package_name    remove an RPM package
rpm -qa    display all RPM packages installed on the system
rpm -qa | grep httpd    show all RPM packages with "httpd" in their names
rpm -qi package_name    get information on an installed package
rpm -qg "System Environment/Daemons"    show the RPM packages of a group
rpm -ql package_name    display the list of files provided by an installed RPM package
rpm -qc package_name    display the list of configuration files provided by an installed RPM package
rpm -q package_name --whatrequires    show the list of dependencies on an RPM package
rpm -q package_name --whatprovides    show the capabilities provided by an RPM package
rpm -q package_name --scripts    show the scripts executed during installation/removal
rpm -q package_name --changelog    show the revision history of an RPM package
rpm -qf /etc/httpd/conf/httpd.conf    find out which RPM package provides the given file
rpm -qp package.rpm -l    display the list of files provided by an RPM package that has not been installed
rpm --import /media/cdrom/RPM-GPG-KEY    import the public-key digital signature
rpm --checksig package.rpm    confirm the integrity of an RPM package
rpm -qa gpg-pubkey    confirm the integrity of all installed RPM packages
rpm -V package_name    check file size, permissions, type, owner, group, MD5 checksum and last modification time
rpm -Va    check all RPM packages installed on the system (use with care)
rpm -Vp package.rpm    verify an RPM package that has not been installed
rpm2cpio package.rpm | cpio --extract --make-directories '*bin*'    extract the executable files from an RPM package
rpm -ivh /usr/src/redhat/RPMS/`arch`/package.rpm    install a package built from an RPM source
rpmbuild --rebuild package_name.src.rpm    build an RPM package from an RPM source

YUM package updater (Fedora, Redhat and similar systems)
yum install package_name    download and install an RPM package
yum localinstall package_name.rpm    install an RPM package, using your own software repositories to resolve all dependencies
yum update    update all RPM packages installed on the system
yum update package_name    update an RPM package
yum remove package_name    remove an RPM package
yum list    list all packages installed on the system
yum search package_name    search for a package in the RPM repositories
yum clean packages    clean the RPM cache by deleting downloaded packages
yum clean headers    delete all header files
yum clean all    delete all cached packages and header files

DEB packages (Debian, Ubuntu and similar systems)
dpkg -i package.deb    install/update a deb package
dpkg -r package_name    remove a deb package from the system
dpkg -l    display all deb packages installed on the system
dpkg -l | grep httpd    display all deb packages with "httpd" in their names
dpkg -s package_name    get information on a package installed on the system
dpkg -L package_name    display the list of files provided by a deb package installed on the system
dpkg --contents package.deb    show the list of files provided by a package that has not been installed yet
dpkg -S /bin/ping    find out which deb package provides the given file

APT software tools (Debian, Ubuntu and similar systems)
apt-get install package_name    install/update a deb package
apt-cdrom install package_name    install/update a deb package from a CD
apt-get update    update the package list
apt-get upgrade    upgrade all installed software
apt-get remove package_name    remove a deb package from the system
apt-get check    verify that dependencies are resolved correctly
apt-get clean    clean the cache of downloaded packages
apt-cache search searched-package    return the names of packages that contain the search string

View File Contents
cat file1    view the contents of a file starting from the first byte
tac file1    view the contents of a file in reverse, starting from the last line
more file1    view the contents of a long file
less file1    similar to the 'more' command, but it allows moving backward in the file as well as forward
head -2 file1    view the first two lines of a file
tail -2 file1    view the last two lines of a file
tail -f /var/log/messages    view in real time what is being added to a file

Text Processing
cat file1 file2 ... | command <> file1_in.txt_or_file1_out.txt    general syntax for text manipulation using PIPE, STDIN and STDOUT
cat file1 | command (sed, grep, awk, grep, etc...) > result.txt    general syntax to manipulate the text of a file and write the result to a new file
cat file1 | command (sed, grep, awk, grep, etc...) >> result.txt    general syntax to manipulate the text of a file and append the result to an existing file
grep Aug /var/log/messages    find the keyword "Aug" in the file '/var/log/messages'
grep ^Aug /var/log/messages    find the lines in '/var/log/messages' that begin with "Aug"
grep [0-9] /var/log/messages    select all lines in '/var/log/messages' that contain digits
grep Aug -R /var/log/*    search the directory '/var/log' and its subdirectories for the string "Aug"
sed 's/stringa1/stringa2/g' example.txt    replace "stringa1" with "stringa2" in example.txt
sed '/^$/d' example.txt    remove all blank lines from example.txt
sed '/ *#/d; /^$/d' example.txt    remove all comments and blank lines from example.txt
echo 'esempio' | tr '[:lower:]' '[:upper:]'    convert lowercase to uppercase
sed -e '1d' result.txt    remove the first line from the file result.txt
sed -n '/stringa1/p'    view only the lines that contain the word "stringa1"
sed -e 's/ *$//' example.txt    remove the trailing whitespace from each line
sed -e 's/stringa1//g' example.txt    remove only the word "stringa1" from the text and keep everything else
sed -n '1,5p;5q' example.txt    view the contents from line 1 to line 5
sed -n '5p;5q' example.txt    view line 5
sed -e 's/00*/0/g' example.txt    replace runs of zeros with a single 0
cat -n file1    number the lines of a file
cat example.txt | awk 'NR%2==1'    remove all even-numbered lines from example.txt
echo a b c | awk '{print $1}'    view the first column of a line
echo a b c | awk '{print $1,$3}'    view the first and third columns of a line
paste file1 file2    merge the contents of two files column by column
paste -d '+' file1 file2    merge the contents of two files column by column, separated by "+"
sort file1 file2    sort the contents of two files
sort file1 file2 | uniq    take the union of two files (duplicate lines are kept only once)
sort file1 file2 | uniq -u    remove the intersection, leaving the other lines
sort file1 file2 | uniq -d    take the intersection of two files (only the lines present in both files)
comm -1 file1 file2    compare two files, removing only the lines found solely in 'file1'
comm -2 file1 file2    compare two files, removing only the lines found solely in 'file2'
comm -3 file1 file2    compare two files, removing only the lines common to both files

Character settings and file format conversions
dos2unix filedos.txt fileunix.txt    convert a text file from MSDOS format to UNIX format
unix2dos fileunix.txt filedos.txt    convert a text file from UNIX format to MSDOS format
recode ..HTML < page.txt > page.html    convert a text file to HTML
recode -l | more    show all available conversion formats

File System Analysis
badblocks -v /dev/hda1    check for bad blocks on disk hda1
fsck /dev/hda1    repair/check the integrity of the Linux file system on disk hda1
fsck.ext2 /dev/hda1    repair/check the integrity of the ext2 file system on disk hda1
e2fsck /dev/hda1    repair/check the integrity of the ext2 file system on disk hda1
e2fsck -j /dev/hda1    repair/check the integrity of the ext3 file system on disk hda1
fsck.ext3 /dev/hda1    repair/check the integrity of the ext3 file system on disk hda1
fsck.vfat /dev/hda1    repair/check the integrity of the FAT file system on disk hda1
fsck.msdos /dev/hda1    repair/check the integrity of the DOS file system on disk hda1
dosfsck /dev/hda1    repair/check the integrity of the DOS file system on disk hda1

Initializing a file system
mkfs /dev/hda1    create a file system on partition hda1
mke2fs /dev/hda1    create a Linux ext2 file system on partition hda1
mke2fs -j /dev/hda1    create a Linux ext3 (journaled) file system on partition hda1
mkfs -t vfat -F 32 /dev/hda1    create a FAT32 file system
fdformat -n /dev/fd0    format a floppy disk
mkswap /dev/hda3    create a swap file system

Swap file system
mkswap /dev/hda3    create a swap file system
swapon /dev/hda3    enable a new swap file system
swapon /dev/hda2 /dev/hdb3    enable two swap partitions

Backup
dump -0aj -f /tmp/home0.bak /home    make a full backup of the '/home' directory
dump -1aj -f /tmp/home0.bak /home    make an incremental backup of the '/home' directory
restore -if /tmp/home0.bak    restore a backup interactively
rsync -rogpav --delete /home /tmp    synchronize the directories on both sides
rsync -rogpav -e ssh --delete /home ip_address:/tmp    rsync over an SSH channel
rsync -az -e ssh --delete ip_addr:/home/public /home/local    synchronize a remote directory to a local directory over SSH with compression
rsync -az -e ssh --delete /home/local ip_addr:/home/public    synchronize a local directory to a remote directory over SSH with compression
dd bs=1M if=/dev/hda | gzip | ssh user@ip_addr 'dd of=hda.gz'    back up a local disk to a remote host over SSH
dd if=/dev/sda of=/tmp/file1    back up the contents of a disk to a file
tar -Puf backup.tar /home/user    make an incremental backup of the '/home/user' directory
( cd /tmp/local/ && tar c . ) | ssh -C user@ip_addr 'cd /home/share/ && tar x -p'    copy the contents of a directory to a remote directory over SSH
( tar c /home ) | ssh -C user@ip_addr 'cd /home/backup-home && tar x -p'    copy a local directory to a remote directory over SSH
tar cf - . | (cd /tmp/backup ; tar xf - )    copy a directory locally to another location, preserving the original permissions and links
find /home/user1 -name '*.txt' | xargs cp -av --target-directory=/home/backup/ --parents    find all files ending in '.txt' in one directory and copy them to another directory
find /var/log -name '*.log' | tar cv --files-from=- | bzip2 > log.tar.bz2    find all files ending in '.log' and pack them into a bzip2 archive
dd if=/dev/hda of=/dev/fd0 bs=512 count=1    copy the MBR (Master Boot Record) to a floppy disk
dd if=/dev/fd0 of=/dev/hda bs=512 count=1    restore the MBR from a backup saved on a floppy disk

Disc
cdrecord -v gracetime=2 dev=/dev/cdrom -eject blank=fast -force    blank a rewritable disc
mkisofs /dev/cdrom > cd.iso    create an ISO image of a CD-ROM on disk
mkisofs /dev/cdrom | gzip > cd_iso.gz    create a compressed ISO image of a disc on disk
mkisofs -J -allow-leading-dots -R -V "Label CD" -iso-level 4 -o ./cd.iso data_cd    create an ISO image of a directory
cdrecord -v dev=/dev/cdrom cd.iso    burn an ISO image file
gzip -dc cd_iso.gz | cdrecord dev=/dev/cdrom -    burn a compressed ISO image file
mount -o loop cd.iso /mnt/iso    mount an ISO image file
cd-paranoia -B    rip the audio tracks from a CD to WAV files
cd-paranoia -- "-3"    rip the audio tracks from a CD to WAV files (parameter -3)
cdrecord --scanbus    scan the bus to identify SCSI channels
dd if=/dev/hdc | md5sum    compute the md5sum of a device, such as a CD

Application commands
~~~~~~~~~~

whois domain/IP    view the details of a domain name
ping domain/IP    test whether this machine can reach the remote host
dig domain/IP    view detailed information on domain name resolution
host -l domain dns_server    DNS zone transfer

Scanning
Nmap:
-sS    half-open TCP SYN scan
-sT    full TCP connect scan
-sU    UDP scan
-PS    SYN packet probe (firewall detection)
-PA    ACK packet probe (firewall detection)
-PN    do not ping
-n    no DNS resolution
-A    -O and -sV
-O    operating system identification
-sV    service version information (banner)
-p    port scan
-T    set the timing level (0-5)
-iL    import scan results
-oG    output scan results

Operating system identification:
p0f -i eth0 -U -p    turn on promiscuous mode
xprobe2 ip|domain    detect the OS

Banner grabbing:
nc ip port    check whether the port is open
telnet ip port    check whether the port is open
wget ip    download the home page
cat index.html | more    display the page source
q    quit

Windows enumeration
nmap -sS -p 139,445 ip    scan for Windows hosts
cd /pentest/enumeration/smb-enum
nbtscan -f targetIP    detect NetBIOS
smbgetserverinfo -i targetIP    scan for name, OS and group
smbdumpusers -i targetIP    list the users
smbclient -L //targetIP    list the shares

Using Windows:
net use \\ip\ipc$ "" /u:""    open a null session
net view \\ip    display share information
smbclient:
smbclient -L hostname -I targetIP    enumerate shares
smbclient -L hostname/share -U ""    connect as an empty user
smbclient -L hostname -I targetIP -U admin    connect as a normal user

rpcclient:
rpcclient targetIP -U ""    open a null session
netshareenum    enumerate the shares
enumdomusers    enumerate the users
lsaenumsid    enumerate the domain SIDs
queryuser RID    query user information
createdomuser    create a user

ARP spoofing:
Ettercap:
nano /usr/local/etc/etter.conf    edit the configuration file
Sniff > Unified sniffing > Network interface: eth0 > OK    set the network interface used for packet capture
Hosts > Scan for hosts (does this and times)    scan the hosts on a network segment
Hosts > Hosts list    display the host list
Select the default gateway > Add to Target 1    add the host
Select the target > Add to Target 2    add the host
Mitm > ARP poisoning > Sniff remote connections > OK    set up the ARP attack
Start > Start sniffing    start the attack
dsniff -i eth0    listen on the network interface for login user names and passwords
urlsnarf -i eth0    sniff HTTP requests
msgsnarf -i eth0    sniff the chat content of chat software
driftnet -i eth0    sniff pictures and audio on the network

DNS spoofing:
nano /usr/local/share/ettercap/etter.dns    edit the configuration file
Plugins > Manage the plugins > dns_spoof    set up DNS spoofing
Mitm > ARP poisoning > Sniff remote connections > OK    set up ARP
Start > Start sniffing    start the attack

Exploits:
cd /pentest/exploits/exploit-db    enter the directory
cat sploitlist.txt | grep -i [exploit]    look up the required exploit
cat exploit | grep "#include"    check the environment it runs in
cat sploitlist.txt | grep -i exploit | cut -d " " -f1 | xargs grep sys | cut -d ":" -f1 | sort -u    keep only the code that can run under Linux

Metasploit:
svn update    upgrade
./msfweb    web interface at 127.0.0.1:55555
./msfconsole    character-mode console
help    help
show <option>    show options
search <name>    search by name
use <exploit name>    use an exploit
show options    display the options
set <option name> <option>    set an option
show payloads    display the payloads
set PAYLOAD <payload name>    set the payload
show options    display the options
set <option name> <option>    set an option
show targets    display the targets (OS versions)
set TARGET <target number>    set the target version
exploit    start the exploit
sessions -l    list the sessions
sessions -i <ID>    select a session
sessions -k <ID>    end a session
<ctrl> z    put the session in the background
<ctrl> c    end the session
jobs    list the running exploit jobs
jobs -k    end a running exploit job
show auxiliary    display the auxiliary modules
use <auxiliary name>    use an auxiliary module
set <option name> <option>    set an option
run    run the module
scanner/smb/version    scan the system version
scanner/mssql/mssql_ping    test whether MSSQL is online
scanner/mssql/mssql_login    test logins (brute force or dictionary)
Attacker behind firewall: bind shell (forward)
Target behind firewall: reverse shell (reverse)
Meterpreter connection: those who do not understand DOS can use this
db_import_nessus_nbe    load Nessus scan results
db_import_nmap_xml    load Nmap scan results
Automated attack flow:
cd /pentest/exploit/framework3
./msfconsole
load db_sqlite3
db_destroy pentest
db_create pentest
db_nmap targetIP
