Skip to content

Linux Command Cheat Sheet

Beginner Linux Command Line

This reference page contains a short list of commonly used Linux commands to help you get up and running with Linux in the Cyber Range.

cd 

Changes the current working directory

cd -

Changes to the previous directory

cd ~

Changes to the $HOME directory

cd ../

Changes to the parent directory

pwd

Prints the current working directory

ls

Will list files in the current directory or a specified directory - Example: ls /home/user

ls -al

Will list files in "long" format and show hidden files

ls -ltr

Will list files in long format, by age, and in reverse

man ls

Allows a user to read the user manual for a specific command

mkdir

Allows a user to create a directory - Example: mkdir mynewDirectory

mkdir -p 1/2

Make directory 1 along with subdirectory 2

rmdir dir1

Will remove the empty directory dir1

rm file

Will remove a specified file

rm file*

Will remove all files starting with "file"

rm -r oldir

Will Recursively remove oldir & and all folder contents

touch fileX

Creates an empty file called "fileX", or will update the time of an existing file

cat f1 f2

Concatenate and print files f1 & f2

nano file1

Nano editor, create or edit file1 (easy, simple)

vim file1

Vim editor, create or edit file1 (difficult, powerful)

leafpad f1

Leafpad graphical file editor (in XCFE, easiest)

ristretto f.jpg

Default graphic viewer in XFCE

wget www

Web/file downloader (www= a full URL)

curl -L www.ex.com/script1.sh | bash -c

Download & run a www hosted script locally

grep XX [file]

Filter & print any lines in file with XX in it

grep "^Nmap"

Filter & print any lines ^(beginning with) "Nmap"

somecommand | mail -s "Subject" me@example.com

Send output from somecommand to email in order to send an email to me@example.com

date

Print the time/date

date +%y-%m-%d

Prints formatted YY-mm-dd date

$(date +%y-%m-%d)

Run embedded command and return text

cat /etc/passwd | cut -f1 -d":" | mail -s "Usernames on $HOST" me@example.com

Prints out all usernames on a system, cut the 1st column, and email it to me.

sudo su -

Super User Do, run the "su -" command to become root (if allowed)

ps auxw | less

List all processes, their PID #s, stats and process names (with less pager)

pstree | less

List all processes in a relational tree format (with less pager)


Networking & Network Security Commands

Be Careful

Please run any potentially dangerous system/network security commands in a safe environment (like the Cyber Range!) or on a system where you have permission to do so! Thanks!

ifconfig eth0

Show IP and VLSM(255) subnet mask

ip addr show eth0

Show IP and CIDR(/24) subnet mask - The number of IPs on your LAN = 2^(32 - CIDR#) e.g. 2^(32-24) = 256 IPs.

hostname -f

Show the machine's (f)ull hostname

hostname -i

Show (I)P address of the hostname

ping -c 3 8.8.8.8

Ping Google's nameserver (8.8.8.8) three times

netstat -antp

*Show (a)ll local to remote (T)CP IP/port connections & (p)rocess names

iptables -L -n

*(L)ist of firewall settings (n)umerically

route -n

Show IP routing tables (n)umerically

nmap -sP [IP/N]

**Ping scan the [IP/subnet address space of hosts]

nmap -sP -nS -oG..

**Ping scan (provide IP OR Network) and output in greppable format

nmap -oG - ..| 

**Same, but pipe scan stdOut [-] to other command(s) (like grep)

nmap -O -n - [IP/N]

**Nmap OS fingerprint scan with no DNS

nmap -O --osscan-limit [IP/N]

**Limit OS port scan to promising targets

nc -lnk [IP#] [port#]

Have netcat listen locally on [your IP#] and [port#] * root needed for ports under 1024

echo "can you hear me?" | nc [remote IP] [remote Port]

Send a message to a remote process/listener on remote IP on a remote port number

#nikto -h www.example.com   - Removing the # will allow the command to run

WARNING

Scan webserver for known vulnerabilities. This command must be run as root, or via sudo command. WARNING! Do not run this without the target-host or network owner's permission.