All Entries Tagged With: "command line"

Combining multiple PDF’s into one

I found this one on SHELL FU – I haven’t tried it out yet but SHELL FU don’t post commands that don’t work. One comment I saw on Twitter was: Good + Evil = New. Anyway, here it is.

To combine multiple pdfs into one, for printing purposes or distribution:

$ gs -dNOPAUSE -sDEVICE=pdfwrite -sOUTPUTFILE=combine.pdf -dBATCH 1.pdf 2.pdf 3.pdf

Download a specific file from the web

From: http://www.commandlinefu.com

To download a specific file from the web:

curl -f -O http://pcbsd.fastbull.org/7.0.2/i386/PCBSD7.0.2-x86-DVD.iso

or, if you have wget configured:

wget -c http://pcbsd.fastbull.org/7.0.2/i386/PCBSD7.0.2-x86-DVD.iso

-C option will re download from an existing & interrupted download.

Create a Directory from the Current Date

Create an alias to create a directory from the current date. This isn’t news, but is quite useful.

alias mkdd='mkdir $(date +%Y%m%d)'

Obviously, if you just want to create the director you could just use the command:

mkdir $(date +%Y%m%d

I’m not teaching granny to suck eggs here – I just want to make sure it’s clear.

Some Commands From Around the Web

Here’s a few commands that I either use, or have found around the web. Remember to test these out before you use them live. I have for my environment, but your environment might be totally different. Sorry to state the obvious! If you have more send them on!

Recursively change file permissions without affecting directory permissions

$find ./ -type f -exec chmod 633 {} ;

Find more than one file type in the current directory

$find . -maxdepth 1 -type f -name '*.sh' -o -name '*.txt'

Find all specific file types in a directory structure. This command is looking for music files.

$find -type f -printf '%P00' | egrep -iz '.(wav|mp3|aif|aac|aiff)$' | sort -z | xargs -0 ls -1

List all files opened by a command

$ lsof -c dhcp

List all files opened by a PID

$ lsof -c 15253

Job Control

Hal Says:

Paul’s last post left me hankering to talk a little bit more about job control in the Unix shell. Besides, it’ll make Ed feel really bad about the Windows command shell, so what’s not to like?

The simplest form of job control is to hit “^Z” to suspend a currently running process. Once the process is suspended, you get your command prompt back and can issue other commands. You can also type “bg” to force the suspended process into the background, where it will continue to run:

# tail -f /var/log/httpd/error_log
[... output not shown ...]
^Z
[1]+ Stopped tail -f /var/log/httpd/error_log
# bg
[1]+ tail -f /var/log/httpd/error_log &

Now you can fiddle with your Apache config file, restart the web server, etc. The “tail -f” process is still running in the background and displaying errors as they appear in the log file. I find this very useful if I’m working remotely to resolve problems on my web server. Actually, I could have simply started that “tail” command in the background by putting a “&” at the end of the command line:

# tail -f /var/log/httpd/error_log &
[1] 14050

I often use job control to flip in and out of a superuser shell:

$ /bin/su
Password:
# [... do some stuff as root ...]
# suspend

[1]+ Stopped /bin/su
$ [... do some stuff as a normal user ...]
$ fg
/bin/su
#

Notice that you use “fg” to start a suspended process running again. This sure beats having to keep using “su” and re-enter the root password all the time. Of course, you probably should be using “sudo”, but that’s a topic for another day.

By the way, you can also use job control to blip in and out of remote SSH sessions too:

[hal@localhost ~]$ ssh remotehost
hal@remotehost's password:
Last login: Sun Apr 5 10:06:26 2009 from ...
[hal@remotehost ~]$
[hal@remotehost ~]$ ~^Z [suspend ssh]

[1]+ Stopped ssh remotehost
[hal@localhost ~]$ fg
ssh remotehost

[hal@remotehost ~]$

Note that the key sequence to suspend an SSH session is “\n~^Z”– you have to enter the tilde character at the beginning of a line, not while you’re in the middle of a command-line. By the way, if you’re logged into multiple machines in series, you can use multiple tildes to pick which of the chained SSH sessions you actually want to suspend.

Sometimes you might have multiple jobs suspended at the same time. You can use the “jobs” command to display them, and use the job number displayed in the output to interact with the different jobs:

# jobs
[1] Stopped vi /etc/httpd/conf/httpd.conf
[2]- Stopped vi /etc/httpd/conf.d/ssl.conf
[3]+ Stopped tail -f /var/log/httpd/error_log
# bg %3
[3]+ tail -f /var/log/httpd/error_log &
# fg %1
vi /etc/httpd/conf/httpd.conf
^Z
[1]+ Stopped vi /etc/httpd/conf/httpd.conf
# %2
vi /etc/httpd/conf.d/ssl.conf
^Z
[2]+ Stopped vi /etc/httpd/conf.d/ssl.conf
# fg
vi /etc/httpd/conf.d/ssl.conf

In general you do “[fg|bg] %n” to foreground or background job number “n”. However, you can leave off the “fg” if you want because foregrounding a job is the default. If you don’t specify a job number after the “fg” or “bg”, then the most recently manipulated job number is assumed– you can see this job with a “+” next to it in the output of the “jobs” command.

Ed Wimpers:

Job control?!? What are you, Hal… just plain cruel? I long for true job control in my cmd.exe. If I want true job control, I just install Cygwin.

But, there are some job control-like things I can do in a pinch on a box without Cygwin.

For example, if I want to start a process in a separate cmd.exe window, I can use the start command. Here, I’ll use it to start a separate shell window to search for wmic.exe on the C:\ partition, using the file search capabilities we described in Episode #21:

C:\> start dir /s /b c:\wmic.exe

That pops up a separate Window that will display my results. The window will linger displaying my results after it’s done. If I want to start it up minimized, I can run:

C:\> start /MIN dir /s /b c:\wmic.exe

If I want it to start a process in a separate window and then have it disappear when it is done running, I use:

C:\> start cmd.exe /c dir /s /b c:\wmic.exe

Sadly, there’s no easy way to get access to standard out of these separately invoked shells windows while they are running, other than to have them dump their output into a file, with “> filename” at the command line invocation.

But now for the tricky part… how can you mimic the & feature of most Linux shells to run something in the background of the current cmd.exe while still dumping their standard output into the current shell’s display? We can use the /b option of start to put something in the background, as in:

C:\> start /b dir /s /b c:\wmic.exe

So, we’ve got &-like behavior! However, it’s not really full job control, because I can’t pull that job into the foreground, or select one job from a group of backgrounded tasks. But, I can kill my background task, by hitting CTRL-break in the cmd.exe window that spawned it. Also, each time you run “start /b”, it will leave an extra cmd.exe process running until you either exit that process (by typing… you guessed it… “exit”) or killing it.

To kill “jobs” (if I can call them that) more thoroughly, I usually rely on wmic or taskkill, as defined in Episode #22.

So, there you have it… not quite job control, but an ability to kick things into the background so you can keep your current shell active and get more work done. Oh, and install Cygwin. You’ll be glad you did. :)

Paul Says:

I will never forget when I was first learning Linux/UNIX (I actually got my feet wet with Linux/UNIX by using Linux at home, and AIX at work). I was configuring a proxy server, carefully constructing each command line switch and running the command. I’d hit ^Z to put the command in the background and wonder why my proxy server wasn’t listening. I had forgotten to put the & after the command, so it truly did “suspend” the command. I never made that mistake again :)

I would also like to quickly highlight the nohup command. I often use this when I run a command that will take a long time and want to go back and check its output:

$ nohup nmap -sS -T4 -iL edswindowsnetwork -oA myscanresults &

Sometimes processes you start while logged into a remote host will SIGHUP when you logoff, and nohup can prevent that.

Information Technology and Security

Information technology and information security are my fields of expertise, and I have the pleasure of working within those fields as a career. The abstract thought process and mix of technical knowledge make it almost like play time. Thinking outside the box is outmoded – you have to think even more abstract since you are trying to see all points of view – from CEO to hacker – from tactical to strategic, and even political.

I’ve posted a lot of information technology and information security related post to this website. I learn from the information I gleen from around the web and I wanted a place where I could refer back, since some of the command line and shortcut stuff is priceless. It doesn’t matter what status I hold at work, I’m always interested in cleaning up my skills, and learning new ones. There should never be a point, even in the executive layer, that we should let go of those skills.

Information Security is an area I have a lot of passion in. I am the Director of Information Technology and Information Security Officer for the company that I work for and, as such, have to keep my finger on the pulse. I have done hacking course and am technically proficient, but I would not say that I am anything other than someone who sees how it can be done, and wants to prevent it happening to the company I work for.

Here’s a Standard Penetration Testing Checklist. See how involved it is, and that is just the entry point. I didn’t write this by the way – why re-invent the wheel, but it’s a great reminder and backbone for penetration testing. All that I am trying to illustrate is the complexity of information security, and that it is all too often overlooked by executives for no other reason than not arming them with enough information. Yes – we should take the blame for some of that. When I presented the base level of hacking techniques to our executive staff I immediately got budget money. I meant to scare them, and boy did I.

You’ll notice in the tech section there is a ton of useful information. This is just a piece of what I find useful – I don’t have time to post it all so I try to post the most interesting – well, to me anyway. More as it comes to me.

Scan a range of IP addresses

Another post from SHELL-FU! (with some input from me too)

You may want to know which IP addresses have devices connected to them on a network segment. The following one-liner will ping scan a given range.

for IP in 192.168.1.{1..10}; do if ping $IP -c 1 > /dev/null; then echo $IP alive; else echo $IP dead; fi; done

Or, better still, how about this?

$ for i in `seq 1 255`; do ping -c 1 10.10.10.$i | tr n ' ' | awk '/1 received/ {print $2}'; done

But then you could do the same thing with NMAP, if you have it installed.

$ nmap -sP 192.168.1-255

And if you are not command line comfortable there are tools for PC’s, Mac’s, Linux etc out there. Just search google for ping sweep applications.