User Tools

Site Tools


Red Team Field Manual (RTFM)


The Red Team Field Manual is a kind of reference guide to Linux, Windows, Cisco etc. It contains all the really useful information in a book small enough to carry around everywhere. Some of the really useful pages I will be keeping on here for 'my own' reference. You didn't see this page right (i'll fork bomb u if you did)

Linux Network Commands

  watch ss -tp                                          Network connections
  netstat -ant                                          Tcp connections -anu=udp
  netstat -tulpn                                        Connections with PIDs 
  lsof -i                                               Established connections
  smb:// ip /share                                      Access windows smb share
  share user x.x.x.x c$                                 Mount Windows share
  smbclient -U user\\\\ ip \\ share                     SMB connect
  ifconfig eth# ip I cidr                               Set IP and netmask 
  ifconfig ethO:l ip I cidr                             Set virtual interface 
  route add default gw gw lp                            Set GW 
  ifconfig eth# mtu [size]                              Change MTU size 
  export MAC=xx: XX: XX: XX: XX: XX                     Change MAC 
  ifconfig int hw ether MAC                             Change MAC 
  macchanger -m MAC int                                 Backtrack MAC changer 
  iwlist int scan                                       Built-in wifi scanner 
  dig -x ip                                             Domain lookup for IP 
  host ip                                               Domain lookup for IP 
  host -t SRV service                       Domain SRV lookup  
  dig @ ip domain -t AXFR                               DNS Zone Xfer   
  host -l domain namesvr                                DNS Zone Xfer 
  ip xfrm state list                                    Print existing VPN keys 
  ip addr add ip / cidr dev ethO                        Adds 'hidden' interface          
  /var/log/messages | grep DHCP                         List DHCP assignments         
  tcpkill host ip and port port                         Block ip:port        
  echo "l" /proc/sys/net/ipv4/ip forward                Turn on IP Forwarding                  
  echo ''nameserver x.x.x.x'' /etc7resolv.conf          Add DNS Server                     

Linux System Info

  nbstat -A ip                                          Get hostname for IP
  id                                                    Current username 
  w                                                     Logged on Users
  who -a                                                User information
  last -a                                               Last users logged on
  ps -ef                                                Process listing (top)
  df -h                                                 Disk usage (free)
  uname -a                                              Kernel version/CPU Info
  mount                                                 Mounted file systems
  getent passwd                                         Show list of users
  PATH~$PATH:/home/mypath                               Add to PATH variable 
  kill pid                                              Kill process with pid
  cat /etc/issue                                        Show OS info
  cat /etc/'release'                                    Show OS Version info
  cat /proc/version                                     Show Kernel info
  rpm --query -all                                      Installed pkgs (Redhat)
  rpm -ivh '.rpm                                        Install RPM (-e=remove)
  dpkg -get-selections                                  Installed pkgs (Obuntu) 
  dpkg -I '.deb                                         Install DEB (-r~remove) 
  pkginfo                                               Installed pkgs (Solaris) 
  which tscsh/csh/ksh/bash                              Show location of executable 
  chmod -5o tcsh/csh/ksh                                Disable shell , force bash

Linux Utility Commands

  wget http:// url -O url.txt -o /dev/null              Grab url
  rdesktop ip                                           Remote Desktop to ip
  scp /tmp/file user@x.x.x.x:/tmp/file                  Put file
  scp user@ remoteip :/tmp/file /tmp/file               Get file 
  useradd -m user                                       Add user
  passwd user                                           Change user password
  rmuser uname                                          Remove user
  script -a outfile                                     Record shell : Ctrl-D stops
  apropos subject                                       Find related command
  history                                               View users command history
  ! num                                                 Executes line # in history

rtfm.txt · Last modified: 2023/03/09 22:35 by