Commands by bandit36 (3)

  • You can use this to loop any command to periodically see the output. while true; do [YOUR COMMAND HERE]; sleep [# of seconds]; done; Alternatively, you can put it in a simple shell script to save typing! #/!bin/bash while true; do $1; sleep $2; done; /path/to/script.sh "ifconfig eth0 | grep 'inet addr:'" 60 Show Sample Output


    -5
    while true; do ifconfig eth0 | grep "inet addr:"; sleep 60; done;
    bandit36 · 2009-04-01 19:29:28 12
  • populate the auth.hosts file with a list of IP addresses that are authorized to be in use and when you run this command it will return the addresses that are pingable and not in the authorized list. Can be combined with the "Command line Twitter" command to tweet unauthorized access. Show Sample Output


    1
    diff <(nmap -sP 192.168.1.0/24 | grep ^Host | sed 's/.appears to be up.//g' | sed 's/Host //g') auth.hosts | sed 's/[0-9][a-z,A-Z][0-9]$//' | sed 's/</UNAUTHORIZED IP -/g'
    bandit36 · 2009-03-12 05:28:08 4
  • This will create an exact duplicate image of your hard drive that you can then restore by simply reversing the "if" & "of" locations. sudo dd if=/media/disk/backup/sda.backup of=/dev/sda Alternatively, you can use an SSH connection to do your backups: dd if=/dev/sda | ssh user@ssh.server.com dd of=~/backup/sda.backup


    16
    sudo dd if=/dev/sda of=/media/disk/backup/sda.backup
    bandit36 · 2009-02-27 20:23:37 4

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Nicely display permissions in octal format with filename
Since the original command (#1873) didn't work on FreeBSD whose stat lacks the "-c" switch, I wrote an alternative that does. This command shows also the fourth digit of octal format permissions which yields the sticky bit information.

Factorial With Case
Computes factorials.

Summarize Apache Extended server-status to show longest running requests
Ever need to know why Apache is bogging down *right now*? Hate scanning Apache's Extended server-status for the longest running requests? Me, too. That's why I use this one liner to quickly find suspect web scripts that might need review. Assuming the Extended server-status is reachable at the target URL desired, this one-liner parses the output through elinks (rendering the HTML) and shows a list of active requests sorted by longest running request at the bottom of the list. I include the following fields (as noted in the header line): Seconds: How long the request is alive PID: Process ID of the request handler State: State of the request, limited to what I think are the relevant ones (GCRK_.) IP: Remote Host IP making the request Domain: Virtual Host target (HTTP/1.1 Host: header). Important for Virtual Hosting servers TYPE: HTTP verb URL: requested URL being served. Putting this in a script that runs when triggered by high load average can be quite revealing. Can also capture "forgotten" scripts being exploited such as "formmail.pl", etc.

Do some learning...

Easily find latex package documentation
If the pdf/dvi/etc documentation for a latex package is already part of your local texmf tree, then texdoc will find and display it for you. If the documentation is not available on your system, it will bring up the package's webpage at CTAN to help you investigate.

get diskusage of files modified during the last n days
get diskusage of files (in this case logfiles in /var/log) modified during the last n days: $ sudo find /var/log/ -mtime -n -type f | xargs du -ch n -> last modified n*24 hours ago Numeric arguments can be specified as +n for greater than n, -n for less than n, n for exactly n. => so 7*24 hours (about 7 days) is -7 $ sudo find /var/log/ -mtime -7 -type f | xargs du -ch | tail -n1

Get AWS temporary credentials ready to export based on a MFA virtual appliance
You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token. This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use: `awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'` You must adapt the command line to include: * $MFA_IDis ARN of the virtual MFA or serial number of the physical one * TTL for the credentials

Skip over .svn directories when using the
Put the positive clauses after the '-o' option.

Recursively unrar into dir containing archive
From the cwd, recursively find all rar files, extracting each rar into the directory where it was found, rather than cwd. A nice time saver if you've used wget or similar to mirror something, where each sub dir contains an rar archive. Its likely this can be tuned to work with multi-part archives where all parts use ambiguous .rar extensions but I didn't test this. Perhaps unrar would handle this gracefully anyway?

Run remote web page, but don't save the results
I have a remote php file that I want to run once an hour. I set up cron to run this wget. I don't really care about what's in the file though, I don't want to save the results, so I run the -O and send it to /dev/null


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: