Commands by nesquick (1)

  • This command lets you see and scroll through all of the strings that are stored in the RAM at any given time. Press space bar to scroll through to see more pages (or use the arrow keys etc). Sometimes if you don't save that file that you were working on or want to get back something you closed it can be found floating around in here! The awk command only shows lines that are longer than 20 characters (to avoid seeing lots of junk that probably isn't "human readable"). If you want to dump the whole thing to a file replace the final '| less' with '> memorydump'. This is great for searching through many times (and with the added bonus that it doesn't overwrite any memory...). Here's a neat example to show up conversations that were had in pidgin (will probably work after it has been closed)... sudo cat /proc/kcore | strings | grep '([0-9]\{2\}:[0-9]\{2\}:[0-9]\{2\})' (depending on sudo settings it might be best to run sudo su first to get to a # prompt)


    15
    sudo cat /proc/kcore | strings | awk 'length > 20' | less
    nesquick · 2009-03-09 02:19:47 5

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Block all IP addresses and domains that have attempted brute force SSH login to computer
I use iptables. To rate limit connections. Very easy and no ban lists to manage.

List files with full path
This version is a bit more portable although it isn't extended as easily with '-type f' etc. On AIX the find command doesn't have -maxdepth or equivalent.

Exclude .svn, .git and other VCS junk for a pristine tarball
~$ tar --version tar (GNU tar) 1.20

Download all default installed apk files from your android.

Which processes are listening on a specific port (e.g. port 80)
swap out "80" for your port of interest. Can use port number or named ports e.g. "http"

easily strace all your apache *child* processes
Like the original version except it does not include the parent apache process or the grep process and adds "sudo" so it can be run by user.

Save your open windows to a file so they can be opened after you restart
This will save your open windows to a file (~/.windows). To start those applications: $ cat ~/.windows | while read line; do $line &; done Should work on any EWMH/NetWM compatible X Window Manager. If you use DWM or another Window Manager not using EWMH or NetWM try this: $ xwininfo -root -children | grep '^ ' | grep -v children | grep -v '' | sed -n 's/^ *\(0x[0-9a-f]*\) .*/\1/p' | uniq | while read line; do xprop -id $line _NET_WM_PID | sed -n 's/.* = \([0-9]*\)$/\1/p'; done | uniq -u | grep -v '^$' | while read line; do ps -o cmd= $line; done > ~/.windows

Find installed network devices
Find installed network devices.

Decrypt passwords from Google Chrome and Chromium.
Read this before you down voting and comment that it is not working -> Wont work on latest versions ~75> since database file is locked and has to be decrypted. This is useful if you have an old hdd with a chrome installation and want to decrypt your old passwords fast.

External IP (raw data)


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: