Commands that I use
1-Identify
Ping sweep for network
# nmap -sn -PE <target or range>
syn scan
“-sS” : syn scan or port scan
ark scan
“-A” : ark scan -> use for gather detail of service and operating system detection
Service scan
“-sV” : services scan -> use for service version detection on each port
Operation system scan
“-O”: operation system scan -> use for operating detection
Combination:
nmap -sS -A -V -O <target or range>
Port scan:
# nmap -p “port” <target or range>
A TCP Connect scan in Nmap is a method to discover the status of TCP port on target system. TCP connect scan perform full TCP handshake to discover the full state of the port.
Command: # nmap -sT <target or range>
Xmas scan: # nmap -sX
Xmas scan is a type of TCP port scan to detect open ports on target.
List all the users and put it in the text file
awk -F’:’ ‘{ print $1}’ /etc/passwd > users.txt
Count list of user
cat /etc/passwd | wc -l
wc mean word count -l mean line
Windows: List user with powershell
Local user: Get-LocalUser
Command: Net User
Domain users:
Get-ADUser -Filter * -Property Name, SamAccountName, UserPrincipleName, MemberOf | Select -Object Name, SamAccountName, UserPrincipalName, MemberOf
Change password for all linux user
1) Add list of all users to the text file
awk -F’:’ ‘{ print $1}’ /etc/passwd > users.txt
2) Change passwords for all users in the list. Let’s say script name is listuser
#!/bin/bash
PASSWORD = “jimmy123“ # This is my default password
While IFS= read -r user; do # or can use cat users.txt | while read -r user; do
echo “$user:$PASSWORD | sudo chpasswd
echo “Password changed for user: $user”
done < users.txt
3) Allow to run to the script listuser:
chmod +x listuser
4) Run the script
sudo ./listuser
Windows: Script to change password with PowerShell
Import-Module Active Directory
$defaultpassword = “P@ssw0rd@123!”
$newpassword = ConvertTo-SecureString $defaultpassword -AsPlainText -Force
$domainuser =Get-ADuser -Filter -Properties SamAccountName
Change the admin user
net user Administrator $newpassword
Write-host “Password changed for Administrator”
foreach ($user in $domainsuser){
if ($user.SamAccountName -ne “Administrator”){
Set-ADAccountPassword -Identity $user.SamAccountName -Newpassword $newpassword -Reset
Write-host “Password changed for user: $($user.SamAccountName)”
}
}
Windows: Change password for all users (not in Active Directory)
$defaultpassword = “P@ssw0rd@123!”
$newpassword = ConvertTo-SecureString $defaultpassword -AsPlainText -Force
$localuser = Get-LocalUser
foreach ($user in $localuser){
Set-Localuser -Name $user -Password $newpassword
Write-Host “Password changed for user: $user”
}
checking the power is charging or using battery
cat /sys/class/power_supply/BAT0/status
Checking the logs
read the log page by page
less /var/log/auth.log
Checking kernel Arch linux
hostnamectl
uname -r
When NTFS can not read on linux via file manager, mount the command via terminal
In Arch linux: sudo mount /dev/sdb1 /run/media/"name"
Clear the dirty-ntfs
sudo ntfsfix --clear-dirty /dev/sdb1
Then you can try to mount the /dev/sdb1 with File Manager again. It should work.
URL: https://wiki.archlinux.org/title/NTFS#Unable_to_mount_with_ntfs3_with_partition_marked_dirty
Identify current services are running
systemctl list-units --type=service --state=running
Identify current services are set to start at boot
systemctl list-units --type=service --state=enabled