November
19
November
19
Linux: tmux shortcuts & cheatsheet
start new:
tmux
start new with session name:
tmux new -s myname
attach:
tmux a # (or at, or attach)
attach to named:
tmux a -t myname
list sessions:
tmux ls
kill session:
tmux kill-session -t myname
Kill all the tmux sessions:
tmux ls | grep : | cut -d. -f1 | awk '{print substr($1, 0, length($1)-1)}' | xargs kill
In tmux, hit the prefix ctrl+b (my modified prefix is ctrl+a) and then:
Sessions
:new<CR> new session
s list sessions
$ name session
Windows (tabs)
c create window
w list windows
n next window
p previous window
f find window
, name window
& kill window
Panes (splits)
% vertical split
" horizontal split
o swap panes
q show pane numbers
x kill pane
+ break pane into window (e.g. to select text by mouse to copy)
- restore pane from window
⍽ space - toggle between layouts
<prefix> q (Show pane numbers, when the numbers show up type the key to goto that pane)
<prefix> { (Move the current pane left)
<prefix> } (Move the current pane right)
<prefix> z toggle pane zoom
Sync Panes
You can do this by switching to the appropriate window, typing your Tmux prefix (commonly Ctrl-B or Ctrl-A) and then a colon to bring up a Tmux command line, and typing:
:setw synchronize-panes
You can optionally add on or off to specify which state you want; otherwise the option is simply toggled. This option is specific to one window, so it won’t change the way your other sessions or windows operate. When you’re done, toggle it off again by repeating the command. tip source
Resizing Panes
You can also resize panes if you don’t like the layout defaults. I personally rarely need to do this, though it’s handy to know how. Here is the basic syntax to resize panes:
PREFIX : resize-pane -D (Resizes the current pane down)
PREFIX : resize-pane -U (Resizes the current pane upward)
PREFIX : resize-pane -L (Resizes the current pane left)
PREFIX : resize-pane -R (Resizes the current pane right)
PREFIX : resize-pane -D 20 (Resizes the current pane down by 20 cells)
PREFIX : resize-pane -U 20 (Resizes the current pane upward by 20 cells)
PREFIX : resize-pane -L 20 (Resizes the current pane left by 20 cells)
PREFIX : resize-pane -R 20 (Resizes the current pane right by 20 cells)
PREFIX : resize-pane -t 2 20 (Resizes the pane with the id of 2 down by 20 cells)
PREFIX : resize-pane -t -L 20 (Resizes the pane with the id of 2 left by 20 cells)
Copy mode:
Pressing PREFIX [ places us in Copy mode. We can then use our movement keys to move our cursor around the screen. By default, the arrow keys work. we set our configuration file to use Vim keys for moving between windows and resizing panes so we wouldn’t have to take our hands off the home row. tmux has a vi mode for working with the buffer as well. To enable it, add this line to .tmux.conf:
setw -g mode-keys vi
With this option set, we can use h, j, k, and l to move around our buffer.
To get out of Copy mode, we just press the ENTER key. Moving around one character at a time isn’t very efficient. Since we enabled vi mode, we can also use some other visible shortcuts to move around the buffer.
For example, we can use "w" to jump to the next word and "b" to jump back one word. And we can use "f", followed by any character, to jump to that character on the same line, and "F" to jump backwards on the line.
Function vi emacs
Back to indentation ^ M-m
Clear selection Escape C-g
Copy selection Enter M-w
Cursor down j Down
Cursor left h Left
Cursor right l Right
Cursor to bottom line L
Cursor to middle line M M-r
Cursor to top line H M-R
Cursor up k Up
Delete entire line d C-u
Delete to end of line D C-k
End of line $ C-e
Goto line : g
Half page down C-d M-Down
Half page up C-u M-Up
Next page C-f Page down
Next word w M-f
Paste buffer p C-y
Previous page C-b Page up
Previous word b M-b
Quit mode q Escape
Scroll down C-Down or J C-Down
Scroll up C-Up or K C-Up
Search again n n
Search backward ? C-r
Search forward / C-s
Start of line 0 C-a
Start selection Space C-Space
Transpose chars C-t
Misc
d detach
t big clock
? list shortcuts
: prompt
Configurations Options:
# Mouse support - set to on if you want to use the mouse
* setw -g mode-mouse off
* set -g mouse-select-pane off
* set -g mouse-resize-pane off
* set -g mouse-select-window off
# Set the default terminal mode to 256color mode
set -g default-terminal "screen-256color"
# enable activity alerts
setw -g monitor-activity on
set -g visual-activity on
# Center the window list
set -g status-justify centre
# Maximize and restore a pane
unbind Up bind Up new-window -d -n tmp \; swap-pane -s tmp.1 \; select-window -t tmp
unbind Down
bind Down last-window \; swap-pane -s tmp.1 \; kill-window -t tmp
November
19
Linux: Screen Command
Getting in test
start a new screen session with session name screen -S <name>
list running sessions/screens screen -ls
attach to a running session screen -x
attach to session name screen -r <name>
the “ultimate attach” screen -dRR (Attaches to a screen session. If the session is attached elsewhere, detaches that other display. If no session exists, creates one. If multiple sessions exist, uses the first one.)
Escape key
All screen commands are prefixed by an escape key, by default C-a (that's Control-a, sometimes written ^a). To send a literal C-a to the programs in screen, use C-a a. This is useful when working with screen within screen. For example C-a a n will move screen to a new window on the screen within screen.
Getting out
detach C-a d
detach and logout (quick exit) C-a D D
exit screen C-a \ Exit all of the programs in screen. (not recommended)
force-exit screen C-a C-\ (not recommended)
getting out of the screen session exit
Window Management
create new window C-a c
change to last-visited active window C-a C-a (commonly used to flip-flop between two windows)
change to window by number C-a <number> (only for windows 0 to 9)
change to window by number or name C-a ' <number or title>
change to next window in list C-a n or C-a <space>
change to previous window in list C-a p or C-a <backspace>
see window list C-a " (allows you to select a window to change to)
show window bar C-a w (if you don't have window bar)
close current window Close all applications in the current window (including shell)
kill current window C-a k (not recommended)
kill all windows C-a \ (not recommended)
rename current window C-a A
Split screen
split display horizontally C-a S
split display vertically C-a | or C-a V (for the vanilla vertical screen patch)
jump to next display region C-a tab
remove current region C-a X
remove all regions but the current one C-a Q
Clipboard and Navigation
freely navigate buffer C-a [ or C-a <esc>
toggle selection to copy space
paste C-a ]
Help
See help C-a ? (lists keybindings)
The man page is the complete reference.
Scripting
To any session name,
send a command to a named session screen -S <name> -X <command>
create a new window and run ping example.com screen -S <name> -X screen ping example.com
stuff characters into the input buffer
using bash to expand a newline character
(from here)
screen -S <name> [-p <page>] -X stuff $'quit\r'
A full example:
# run bash within screen
screen -AmdS bash_shell bash
# run top within that bash session
screen -S bash_shell -p 0 -X stuff $'top\r'
# ... some time later
# stuff 'q' to tell top to quit
screen -S bash_shell -X stuff 'q'
# stuff 'exit\n' to exit bash session
screen -S bash_shell -X stuff $'exit\r'
Misc
redraw window C-a C-l
monitor window for activity C-a M
monitor window for silence C-a _
enter digraph (for producing non-ASCII characters) C-a C-v
lock (password protect) session C-a x
enter screen command C-a :
enable logging in the screen session C-a H
Scrollback-buffer
In copy mode, one can navigate the scrollback buffer in various ways:
half page up C-u half page down C-d
back C-b forward C-f
cursor left/down/up/right h/j/k/l
Other Examples:
screen -AmdS bash_shell bash ; screen -S bash_shell -p 0 -X stuff $'yum update -y\r' ; screen -S bash_shell -p 0 -X stuff $'exit\r'
screen -AmdS bash_shell bash ; screen -S bash_shell -p 0 -X stuff $'yum update -y\r' ; screen -S bash_shell -p 0 -X stuff $'reboot\r'
November
19
Linux: Ping scanning without nmap
- Usefull for when you don’t have nmap and need to find a missing host. Pings all addresses from 10.1.1.1 to 10.1.1.254, modify for your subnet. Timeout set to 1 sec for speed, if running over a slow connection you should raise that to avoid missing replies. This will clean up the junk, leaving just the IP address:
for i in {1..254}; do ping -c 1 -W 1 10.1.1.$i | grep ‘from’ | cut -d’ ‘ -f 4 | tr -d ‘:’; done Show Sample Output
- Waits for all pings to complete and returns ip with mac address
(prefix=”10.59.21″ && for i in seq 254; do (sleep 0.5 && ping -c1 -w1 $prefix.$i &> /dev/null && arp -n | awk ‘ /’$prefix’.’$i’ / { print $1 ” ” $3 } ‘) & done; wait)
- This version combines the best of the other suggestions and adds these features: 1. It scans a /16 subnet 2. It is very fast by running the ping commands in the background, running them in parallel. 3. Does not use the “-W” option as that’s not available in older ping versions (I needed this for OS X 10.5)
prefix=”169.254″ && for i in {0..254}; do echo $prefix.$i/8; for j in {1..254}; do sh -c “ping -m 1 -c 1 -t 1 $prefix.$i.$j | grep \”icmp\” &” ; done; done
- Not really an easier solution. But an example using && for (if last command returned 0). You can use || for (if last command returned other than 0).
prefix=”10.0.0″ && for i in seq 25; do ping -c 1 $prefix.$i &> /dev/null && echo “Answer from: $prefix.$i” ; done
November
19
Linux: Nmap Examples
Basic Nmap scanning examples, often used at the first stage of enumeration.
Command Description
nmap -sP 10.0.0.0/24
Ping scans the network, listing machines that respond to ping.
nmap -p 1-65535 -sV -sS -T4 target
Full TCP port scan using with service version detection – usually my first scan, I find T4 more accurate than T5 and still “pretty quick”.
nmap -v -sS -A -T4 target
Prints verbose output, runs stealth syn scan, T4 timing, OS and version detection + traceroute and scripts against target services.
nmap -v -sS -A -T5 target
Prints verbose output, runs stealth syn scan, T5 timing, OS and version detection + traceroute and scripts against target services.
nmap -v -sV -O -sS -T5 target
Prints verbose output, runs stealth syn scan, T5 timing, OS and version detection.
nmap -v -p 1-65535 -sV -O -sS -T4 target
Prints verbose output, runs stealth syn scan, T4 timing, OS and version detection + full port range scan.
nmap -v -p 1-65535 -sV -O -sS -T5 target
Prints verbose output, runs stealth syn scan, T5 timing, OS and version detection + full port range scan.
Agressive scan timings are faster, but could yeild inaccurate results!
T5 uses very aggressive scan timings and could lead to missed ports, T4 is a better compromise if you need fast results.
Nmap scan from file
Command Description
nmap -iL ip-addresses.txt
Scans a list of IP addresses, you can add options before / after.
Nmap output formats
Command Description
nmap -sV -p 139,445 -oG grep-output.txt 10.0.1.0/24
Outputs “grepable” output to a file, in this example Netbios servers.
E.g, The output file could be grepped for “Open”.
nmap -sS -sV -T5 10.0.1.99 –webxml -oX –
| xsltproc –output file.html –
Export nmap output to HTML report.
Nmap Netbios Examples
Command Description
nmap -sV -v -p 139,445 10.0.0.1/24
Find all Netbios servers on subnet
nmap -sU –script nbstat.nse -p 137 target
Nmap display Netbios name
nmap –script-args=unsafe=1 –script
smb-check-vulns.nse -p 445 target
Nmap check if Netbios servers are vulnerable to MS08-067