@interference-security
Last active April 12, 2021 21:31
Useful One-Liners

Nmap output open ports separated by comma:

grep -i "/tcp" filename.nmap | cut -d "/" -f1 | sort -n -u | tr '\n' ',' | sed 's/,$//'; echo ""

Nmap open ports:

Linux: grep -i ".*/tcp.*open.*" filename.nmap | cut -d "/" -f1 | sort -u -n | tr "\n" "," | sed 's/,$//'

Windows: grep -i ".*/tcp.*open.*" filename.nmap | cut -d "/" -f1 | sort2 -u -n | tr -s "\r\n" "," | sed "s/,$//"

Powershell: (Select-String -Path .\filename.nmap -Pattern ".*/tcp.*open.*" | Select-Object -ExpandProperty Line | ForEach-Object { $_.Split('/')[0].Trim() } | Sort-Object -Unique { [int]$_ }) -join ','
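The three variants above all grep for ".*/tcp.*open.*", which also matches ports nmap reports as "open|filtered" (an ambiguous state, not a confirmed open port). The script below is an added example, not part of the original gist: it reads nmap normal (-oN) output, matches on the whole STATE column, and prints the ports for any requested state as the same comma-separated list. The nmap output embedded in it is constructed for the demonstration, and the function names are this example's own.

```shell
#!/bin/sh
# Constructed sample of nmap normal (-oN) output; not a real scan result.
SAMPLE_NMAP=$(cat <<'EOF'
# Nmap 7.91 scan initiated (constructed sample)
Nmap scan report for 10.0.0.5
Host is up (0.0010s latency).
Not shown: 994 closed ports
PORT     STATE         SERVICE
22/tcp   open          ssh
80/tcp   open          http
443/tcp  open          https
3306/tcp closed        mysql
8080/tcp filtered      http-proxy
161/udp  open|filtered snmp
EOF
)

# write_sample_nmap FILE: save the constructed sample so the functions
# below can be tried against a path, exactly as they would be on a real scan.
write_sample_nmap() {
  printf '%s\n' "$SAMPLE_NMAP" > "$1"
}

# tcp_ports_by_state FILE STATE
# Print the TCP ports whose STATE column is exactly STATE, as a numerically
# sorted, de-duplicated, comma-separated list with no trailing comma.
# Comparing the whole column (rather than grepping for "open") keeps
# "open|filtered" out of the "open" list.
tcp_ports_by_state() {
  awk -v want="$2" '
    $1 ~ /^[0-9]+\/tcp$/ && $2 == want { sub(/\/tcp$/, "", $1); print $1 }
  ' "$1" | sort -n -u | paste -s -d, -
}

# The common case from the one-liners above: confirmed-open TCP ports only.
open_tcp_ports() {
  tcp_ports_by_state "$1" open
}

# Usage when run directly: sh nmap-ports.sh scan.nmap [state]
if [ $# -gt 0 ]; then
  tcp_ports_by_state "$1" "${2:-open}"
fi
```

Running it on the sample gives 22,80,443 for open, 8080 for filtered and 3306 for closed; the UDP line is ignored by every state because the port column is matched on /tcp.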

Linux ping check:

while read -r ip; do data=$(ping -c 1 "$ip" | grep -i "packet loss" | cut -d "," -f3); echo "$ip,$data"; done < TARGETS.txt

Windows Powershell ping check:

1..254 | %{"192.168.1.$($_): $(Test-Connection -count 1 -comp 192.168.1.$($_) -quiet)"}

SSLScans:

while IFS=, read -r target port; do date; echo "[*] Scanning: $target:$port"; sslscan --no-failed --no-colour "$target:$port" > "sslscan-$target-$port"; done < targets.txt

For cleaner output from the greps below, append this to turn each file name into target,port: | sed "s/sslscan-//" | sed "s/-/,/" (the second sed replaces only the first dash, so it assumes the target name itself contains no dash).

SSLv3 enabled:

grep -i -l "sslv3" sslscan-*

SSLv2 enabled:

grep -i -l "sslv2" sslscan-*

Weak/Medium strength ciphers:

grep -i -l " 112 bits" sslscan-*

grep -i -l " 56 bits" sslscan-*

grep -i -l " 40 bits" sslscan-*

RC4 ciphers:

grep -i -l "RC4" sslscan-*

CBC ciphers:

grep -i -l "CBC" sslscan-*

Weak hashing algorithm:

grep -i -l "sha1withrsaencryption" sslscan-*

grep -i -l "md5withrsaencryption" sslscan-*

grep -i -l "dsaencryption" sslscan-*

SSL certificate details:

grep -i "Subject:" sslscan-*

grep -i "Issuer:" sslscan-*

grep -i -l "Key Strength.*1024" sslscan-*
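The greps above are run one finding at a time and report file names. The script below is an added example, not part of the original gist, that turns the same checks into a single pass producing target,port,finding lines for every sslscan-* file in a directory, so results can be fed straight into a report. The protocol and cipher patterns are anchored to sslscan's "Accepted" lines, which prevents a protocol name that merely appears in a header or in a rejected-cipher line from counting as a finding. The two sslscan reports it writes are constructed to mimic sslscan's text layout and are not real scan results; the function names are this example's own.

```shell
#!/bin/sh
# make_sslscan_samples DIR: write two constructed sslscan-style reports,
# named the way the scan loop above names them (sslscan-<target>-<port>).
# The content mimics sslscan's text layout; it is not a real scan result.
make_sslscan_samples() {
  cat > "$1/sslscan-10.0.0.5-443" <<'EOF'
Testing SSL server 10.0.0.5 on port 443

  Supported Server Cipher(s):
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384
Accepted  TLSv1.0  112 bits  DES-CBC3-SHA
Accepted  SSLv3    128 bits  RC4-SHA

  SSL Certificate:
Signature Algorithm: sha1WithRSAEncryption
RSA Key Strength:    1024

Subject:  legacy.example.internal
Issuer:   Example Internal CA
EOF
  cat > "$1/sslscan-10.0.0.6-8443" <<'EOF'
Testing SSL server 10.0.0.6 on port 8443

  Supported Server Cipher(s):
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  app.example.internal
Issuer:   Example Internal CA
EOF
}

# _emit_if FILE PATTERN LABEL
# Print "target,port,LABEL" when FILE matches PATTERN (case-insensitive ERE).
# target and port are set by sslscan_findings for the file being examined.
_emit_if() {
  grep -q -i -E -e "$2" "$1" && printf '%s,%s,%s\n' "$target" "$port" "$3"
  return 0
}

# sslscan_findings DIR
# Apply the checks from the list above to every sslscan-* file in DIR and
# print one finding per line. Protocol and cipher checks only look at lines
# sslscan prints as "Accepted", so a protocol named elsewhere in the report
# (headers, or rejected ciphers when --no-failed was not used) is not a hit.
sslscan_findings() {
  for f in "$1"/sslscan-*; do
    [ -f "$f" ] || continue
    name=${f##*/sslscan-}
    target=${name%-*}    # assumes the target itself contains no '-'
    port=${name##*-}
    _emit_if "$f" '^Accepted +SSLv2' 'SSLv2 enabled'
    _emit_if "$f" '^Accepted +SSLv3' 'SSLv3 enabled'
    for bits in 112 56 40; do
      # Leading space keeps " 56 bits" from matching inside "256 bits".
      _emit_if "$f" "^Accepted .* $bits bits" "$bits-bit cipher"
    done
    _emit_if "$f" '^Accepted .*RC4' 'RC4 cipher'
    _emit_if "$f" '^Accepted .*CBC' 'CBC cipher'
    _emit_if "$f" 'Signature Algorithm: *(sha1|md5)WithRSAEncryption|dsaEncryption' 'weak certificate signature algorithm'
    _emit_if "$f" 'Key Strength: *1024' '1024-bit RSA key'
  done
}

# Usage when run directly: sh sslscan-findings.sh /path/to/scan-output-dir
if [ $# -gt 0 ]; then
  sslscan_findings "$1"
fi
```

On the two constructed reports the first host yields six findings (SSLv3, a 112-bit cipher, RC4, CBC, a SHA-1 signature and a 1024-bit key) and the second host yields none, which is the contrast the per-file greps above make you assemble by hand.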

HP System Management Homepage Version Detection:

for ip in `cat hp-sys-home-targets.txt`; do dt=`date`; echo "[*] $dt - $ip:2381"; curl -i -s -k "https://$ip:2381/cpqlogin.htm?RedirectUrl=/&RedirectQueryString=" | grep -i smhversion | head -n 1; done

TCPDump capture:

tcpdump -n -A -i eth0 'port 21 and (src ip_address or dst ip_address)'

Plink to forward internal Windows ports:

plink.exe YOUR_KALI_IP -P 22 -l root -pw toor -v -R 9090:127.0.0.1:8080 -T

JavaScript One-Liners

AngularJS: angular.version

ReactJS: React.version

JQuery: $().jquery;

Bootstrap: $.fn.tooltip.Constructor.VERSION

Remove JavaScript disabled attribute:

for (const tag of ["input", "select", "button"]) { for (const el of document.getElementsByTagName(tag)) { el.disabled = false; } }
