Skip to content

Instantly share code, notes, and snippets.

@aw-junaid

aw-junaid/FunctionalCommands.md

Created January 30, 2026 17:24
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save aw-junaid/e3b0c4325f86c7eafba879ae55c0cd74 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save aw-junaid/e3b0c4325f86c7eafba879ae55c0cd74 to your computer and use it in GitHub Desktop.
Download ZIP
Practical commands for shell interaction, file transfer, user management, auditing, searching help, credential cracking helpers, SSH key usage, IDs, and HTTP actions (curl/wget). Includes corrected syntax and a few essential additions.
Raw
FunctionalCommands.md

Functional Commands (Quick Ops)

Practical commands for shell interaction, file transfer, user management, auditing, searching help, credential cracking helpers, SSH key usage, IDs, and HTTP actions (curl/wget). Includes corrected syntax and a few essential additions.

Shell / interactive sessions

  • python -c "import pty; pty.spawn('/bin/bash')"
    Spawns a fully interactive TTY-like bash shell (better job control, tab completion, and stable interaction after getting a basic shell).

Web requests / grabbing URLs

  • wget -i url.txt -o /dev/null
    Reads URLs from url.txt and fetches them; logs to /dev/null (silent logging).
    Common useful variants: 
    wget -i url.txt -O /dev/null     # discard downloaded bodies
wget -S -O /dev/null URL         # show response headers

Remote desktop

  • rdesktop <ip>
    Connects to a Windows RDP service on the target IP (older RDP client).
    Common options: 
    rdesktop -u USER -p PASS <ip>
rdesktop -g 1280x720 <ip>

File transfer (SCP)

  • scp /tmp/file user@x.x.x.x:/tmp/file

    Uploads /tmp/file to the remote host into /tmp/file.

  • scp user@remoteip:/tmp/file /tmp/file

    Downloads /tmp/file from the remote host into local /tmp/file.

Useful options:

scp -P 2222 file user@host:/path     # non-default SSH port
scp -r dir user@host:/path           # recursive copy

User management

  • useradd -m user

    Creates a new user named user and creates a home directory (-m).

  • passwd user

    Sets or changes the password for user user.

  • userdel -r username

    Deletes the user account; -r removes the home directory and mail spool.
    (rmuser is not standard on most Linux; userdel is the common command.)

Command/session recording

  • script -a outfile
    Records the terminal session to outfile; -a appends.
    Exit/stop recording with Ctrl-D or exit.

Discovering commands / docs

  • apropos subject
    Searches man page descriptions for keywords related to subject.

History usage

  • history

    Displays command history for the current shell.

  • !num

    Executes the history entry with number num (example: !42 reruns command #42).

SSH key passphrase extraction/cracking helper

  • ssh2john.py id_rsa > ssh-key

    Converts an SSH private key (id_rsa) into a hash format that John the Ripper can process; writes to ssh-key.

  • john ssh-key

    Attempts to crack the passphrase/hash stored in ssh-key.

  • ssh -i id_rsa user@ip

    Connects to ip using the specified private key; will prompt for the key passphrase if encrypted.

IDs (user/group)

  • id -u

    Prints the numeric UID of the current user.

  • getent group GROUPNAME | cut -d: -f3

    Prints the numeric GID for GROUPNAME.
    (The version with process substitution works too, but this is simpler and portable.)

curl (GET with URL encoding)

  • curl -G 'http://example.com/file.php' --data-urlencode 'cmd=echo ssh-rsa AA...........'
    Sends a GET request where the cmd parameter is URL-encoded safely. -G tells curl to put the data on the query string.

curl (authenticated upload)

  • curl --user 'tomcat:$3cureP4s5w0rd123!' --upload-file exploit.war "http://megahosting.com:8080/manager/text/deploy?path=/exploit.war"
    Uses HTTP Basic Auth to upload a file via HTTP PUT to the given URL (commonly used with Tomcat Manager endpoints when permitted).

Important additional functional commands

Better interactive shells / terminal fixes

  • python3 -c "import pty; pty.spawn('/bin/bash')"

    python command but for python3.

  • stty -a
stty rows 40 cols 120

    View/fix terminal dimensions when shells behave oddly.

Safer/more flexible file transfers

  • rsync -avP file user@host:/tmp/

    Efficient copy with progress and resume-like behavior.

  • sftp user@host

    Interactive file transfer over SSH.

Quick HTTP interaction

  • curl -I http://example.com

    Fetches only headers (quick status check).

  • curl -sS -o /dev/null -w "%{http_code}\n" http://example.com

    Returns only HTTP status code.

Process/service checks that pair well with these workflows

  • which python python3 wget curl scp ssh

    Confirms tool availability and paths.

  • ss -tulpn

    See listeners and owning processes (useful before/after starting a server or tunnel).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment