# Linux Shell

Add **string to beginning of each line** (before existing strings) and output to new file - Useful for custom password lists (see also, Crunch in [Security Tools List](https://doubtfulturnip.gitbook.io/dts-cybersecurity-tool-kit/tools-list/security-tools-list) using -- "crunch -s" to achieve similar results)

```bash
sed 's/^/InsertCharsHere/' file.txt  > new-file.txt
```

Find **all SUID** files in system

```bash
find / -perm -u=s -type f 2>/dev/null
```

Find **all SUID** binaries

```bash
find / -perm -4000 -type f -exec ls -la {} 2>/dev/null \;
find / -uid 0 -perm -4000 -type f 2>/dev/null
```

Search for binaries with **capabilities** set (similar to SUID) ([1](https://doubtfulturnip.gitbook.io/dts-cybersecurity-tool-kit/guides/quick-reference/python),[2](https://doubtfulturnip.gitbook.io/dts-cybersecurity-tool-kit/guides/specific-techniques/post-exploit))

```bash
getcap -r / 2>/dev/null
```

Search for **IPv4 address** in a file&#x20;

```bash
grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}" filename
```

Find **string** within file(s)

```bash
grep -rnw '/path/to/somewhere/' -e 'pattern'
-r or -R is recursive,
-n is line number, and
-w stands for match the whole word.
-l (lower-case L) can be added to just give the file name of matching files.
-e is the pattern used during the search
```

Linux **terminal control** sequence commands

```bash
ctrl-c
    interrupts the running program
ctrl-d
    sends an EOF (end of file) to close the terminal
ctrl-z
    suspends the running program
ctrl-s
    freezes the screen, stopping the display
ctrl-q
    thaws out the screen and allows the screen display to continue
ctrl-h
    deletes the last character typed
ctrl-w
    deletes the last word typed
ctrl-u
    deletes the last line typed
ctrl-r
    retrieves previously run commands so you can run them again
ctrl-u
    removes text from the command line and places it in the clipboard
ctrl-y
    grabs text from the clipboard and runs it
ctrl-l
    clears the screen
ctrl-a
    moves cursor to the beginning of the line
ctrl-e
    moves cursor to the end of the line
```

Look at **sudo activity**

```bash
grep -i sudo /var/log/auth.log
```

Getting **interactive shells** after exploit

```bash
#sh
/bin/bash -i
#Bash
echo os.system('/bin/bash')
```