Grep#
grep is commonly used to search terminal output or text files and print the lines that match a pattern.
Basic syntax
grep "let's find something" file.[txt,json,js,md,etc]
Options
-i: Ignore case
-c: Count matching lines
-e: Specify a search pattern; repeat the option to give multiple search conditions
-r: Recursive search, searching all files in the specified directory
-o: Print only the matched part of each line
Using grep makes log analysis convenient. In emergency response, it is often used to analyze log files and pull the specified content out of them.
grep can be used with the pipe symbol |, such as:
cat /etc/passwd | grep "root"
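The options above applied to emergency-response log triage, as an added example that is not part of the original page. The sshd log lines are constructed, the IP addresses come from documentation ranges, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sshd log lines (documentation IP ranges); not taken from a real host.
sample_log() {
cat <<'EOF'
Mar 10 03:12:01 web01 sshd[1001]: Failed password for root from 203.0.113.7 port 50122 ssh2
Mar 10 03:12:04 web01 sshd[1001]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar 10 03:12:09 web01 sshd[1002]: Invalid user admin from 203.0.113.7 port 50130
Mar 10 03:12:11 web01 sshd[1002]: Failed password for invalid user admin from 203.0.113.7 port 50130 ssh2
Mar 10 03:15:44 web01 sshd[1010]: Accepted password for deploy from 198.51.100.23 port 40022 ssh2
Mar 10 03:16:02 web01 sshd[1011]: Failed password for root from 192.0.2.55 port 41000 ssh2
Mar 10 03:20:31 web01 sshd[1015]: Accepted publickey for alice from 198.51.100.23 port 40100 ssh2
EOF
}

# -c: number of lines that record a failed password attempt
count_failed() { grep -c "Failed password" "$1"; }

# -i: sshd writes both "Invalid user" and "invalid user"; match either spelling
count_invalid_user() { grep -ic "invalid user" "$1"; }

# -e twice: lines matching either pattern (every recorded login outcome)
count_auth_events() { grep -c -e "Failed password" -e "Accepted " "$1"; }

# -o with -E: keep only the source IP of each failed attempt, then rank by count
failed_by_ip() {
    grep "Failed password" "$1" \
        | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}' \
        | sort | uniq -c | sort -rn \
        | awk '{ print $1, $2 }'
}

# Demo run against the constructed sample
log=$(mktemp)
sample_log > "$log"
echo "failed password lines: $(count_failed "$log")"
echo "invalid user lines:    $(count_invalid_user "$log")"
echo "login outcome lines:   $(count_auth_events "$log")"
echo "failed attempts per source IP:"
failed_by_ip "$log"
rm -f "$log"
```

On a real host, pass the path of the authentication log instead of the temporary file; its location and line format vary by distribution.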
Man#
The man command is used to view the syntax manual information of other commands.
Cat#
The cat command is used to view the contents of a file, which will be fully output to the current terminal.
- Merge files
- Create files
cat > newfile.txt
Head#
The head command is used to view the specified number of lines at the beginning of a file, defaulting to 10 lines.
-n: Specify the number of lines
Awk#
awk is a powerful text-processing tool that can be used to filter, extract, or transform data.
Sed#
The sed command is a text stream editor that can be used to find, replace, insert, or delete content in files or data streams.
- Replace
# Replace 5 with five
echo 'They ate 5 apples' | sed 's/5/five/'
- Print specified lines
# Only display the fourth, fifth, sixth, and seventh lines from the given input
seq 65 78 | sed -n '4,7p'
68
69
70
71
To print filtered lines, use the p command. However, it should be noted that by default, all input lines will be printed. Therefore, we usually use this command with the -n command line option to turn off the default printing function.
- Regular expressions
BRE: Basic Regular Expression, ERE: Extended Regular Expression
By default, sed treats the search pattern as a Basic Regular Expression (BRE). The -E option can be used to enable Extended Regular Expressions (ERE). In older versions, -r was used to denote ERE, which is still valid, but -E is more universal. In GNU sed, BRE and ERE differ only in how metacharacters are written; their functionality is the same.
# Print lines starting with sp
printf 'spared no one\npar\nspar\n' | sed -n '/^sp/p'
spared no one
spar
# Print lines ending with ar
printf 'spared no one\npar\nspar\n' | sed -n '/ar$/p'
par
spar
# Print all lines, replacing a line that consists only of par with PAR
printf 'spared no one\npar\nspar\n' | sed 's/^par$/PAR/'
spared no one
PAR
spar
- Batch rename files
Tail#
tail is used to view the last few lines of a file.
Chmod#
The chmod command is used to change file permissions. In Linux, file permissions are divided into three groups: owner, group, and others, with the permissions being read (r), write (w), and execute (x).
The character representation is rwx, and the numeric representation is, for example, 755 (r:4, w:2, x:1).
Each file has default permissions; for example, the default permission for files is 644, and for directories, it is 755.
Default file permissions are as follows (rw-r--r--):
Default directory permissions are as follows (rwxr-xr-x):
Thus, the chmod command can be used to grant a file the corresponding permissions.
# Grant execute permission to owner, group, and others (as far as the umask allows)
chmod +x Test.jar
# Recursively grant all permissions on everything in the directory; setting 777 is usually not recommended, as executable files with overly permissive settings may lead to security issues
chmod 777 -R Pentest/
Xargs#
Use the output of other commands to build and run commands with xargs.
find /var/www/html -type f -name "*.php" -print0 | xargs -0 grep "eval("
# The find command searches for all php files under the /var/www/html directory; -print0 separates the file names with NUL bytes
# xargs -0 passes the list of found files to grep as arguments, so names containing spaces or newlines are handled correctly; grep then filters the lines containing eval( from each php file
# Compress multiple files
ls *.log | xargs gzip
Find#
The find command is used to search for files and directories.
# Find all files ending with log
find / -name "*.log"
# Regularly clean up log files older than a month
find /var/log -type f -name "*.log" -mtime +30 -delete
# Backup important files
find ~/Documents -name "*.docx" -exec cp {} /path/to/backup/ \;
Reference:
https://www.trevorlasn.com/blog/10-essential-terminal-commands-every-developer-should-know