chris@ckral.de:~/$ ls -knowledge/ | head -n 15


4 -rw-r--r-- 1 chris 1857 2018-05-02 07:24:43 +0100 CISCO 29xx Template
4 -rw-r--r-- 1 chris 1584 2016-02-18 21:12:05 +0100 VI/VIM
4 -rw-r--r-- 1 chris 1281 2017-07-08 22:30:09 +0100 Gedanken
4 -rw-r--r-- 1 chris 2334 2018-03-03 23:11:44 +0100 Windows-Script ersetzen Leerzeichen durch Underscore

chris@ckral.de:~/$ cat Wissen/h4>





wmic useraccount where (name='username' and domain='domain.loc') get sid


wbadmin delete systemstatebackup -keepVersions:1
vssadmin delete shadows /for=C: /oldest


Set-MpPreference -DisableRealtimeMonitoring $true


chglogon /DISABLE /DRAIN /DRAINUNTILRESTART /ENABLE


forfiles /S /M * /C "cmd /c if @fsize GEQ 1073741824 echo @path"


Profilstatus: HKLM\SOFTWARE\MICROSOFT\Windows NT\Currentversion\Profilelist


bcdedit /set {bootmgr} displaybootmenu yes


dfsrdiag syncnow /partner:MainDFSSRV /member:SRV-DFSMember1,SRV-DFSMember2 /RGName:Domäne.tld\ /Time:1


find . -type f -name "*.eml" -print0 |xargs --null grep "Suchbegriff" > /tmp/ergebnis.txt


psexec \\%1 netsh firewall set opmode disable


Get-WindowsCapability -Online |? {$_.Name -like "*RSAT*" -and $_.State -eq "NotPresent"} | Add-WindowsCapability -Online


sudo snap remove snap-store; sudo snap remove gtk-common-themes; sudo snap remove gnome-3-34-1804; sudo snap remove core18
sudo umount /snap/core/xxxx (df -h)
sudo rm rf ~/snap; sudo rm ~rf /snap; sudo rm ~rf /var/snap; sudo rm ~rf /var-/ib/snapd


for i in `seq 1 254`; do
if ping -c1 10.0.0.$i ; then
echo 10.0.0.$1 >> hosts; fi; done



net stop bits
net stop cryptsvc
net stop wuauserv
ren %windir%\SoftwareDistribution SoftwareDistribution.old
ren %windir%\system32\catroot2 catroot2.old
net start bits
net start cryptsvc
net start wuauserv


DISM.exe /Online /Cleanup-Image /RestoreHealth /Source:C:\RepairSource\Windows /LimitAccess

CertUtil -hashfile C:\TEMP\MyDataFile.img MD5


$regex=" \(\d{4}_\d{2}_\d{2} \d{2}_\d{2}_\d{2} UTC\)"

Get-ChildItem *UTC* -Recurse | Where-Object {$_.Name -match $regex} | Rename-Item -NewName {$_.Name -replace $regex} -Verbose


sudo strings '/sys/firmware/acpi/tables/MSDM'


netsh advfirewall firewall add rule dir=in name="DCOM" program=%systemroot%\system32\svchost.exe service=rpcss action=allow protocol=TCP localport=135

netsh advfirewall firewall add rule dir=in name ="WMI" program=%systemroot%\system32\svchost.exe service=winmgmt action = allow protocol=TCP localport=any

netsh advfirewall firewall add rule dir=in name ="UnsecApp" program=%systemroot%\system32\wbem\unsecapp.exe action=allow

netsh advfirewall firewall add rule dir=out name ="WMI_OUT" program=%systemroot%\system32\svchost.exe service=winmgmt action=allow protocol=TCP localport=any


#!/bin/bash
set -x # Echo
set -e # Stop on error
set -o noclobber # Dont overwrite files with redirection
iptables-save > iptables.$(date +%s)
echo "iptables saves to iptables.$(date +%s)"
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT


strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("X:\\SMBSHARE\fundstelle.txt", 8, True, 0)
Dim WshNetwork
Set WshNetwork = CreateObject("WScript.Network")
ComputerName = WshNetwork.ComputerName

Set colFolders = objWMIService.ExecQuery _
("Select * from Win32_Directory where Name Like 'SUCHSTRING'")

On Error Resume Next
objFile.WriteLine "PC: " & ComputerName
For Each objFolder in colFolders
objFile.WriteLine "Name: " & objFolder.Name

Next
objFile.Close
objFileToRead.Close


net stop cpsvc /y
net stop spooler /y
del %windir%\system32\spool\PRINTERS\*.* /f /q
net start spooler
net start cpsvc


GRANT ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE USER, CREATE VIEW, DROP, EVENT, EXECUTE, FILE, INDEX, LOCK TABLES, PROCESS, REFERENCES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHOW DATABASES, SHOW VIEW, SHUTDOWN, SUPER, TRIGGER ON *.* TO 'root'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;

insert into mysql.user(Host,User,Password) values("%","mysqld",password("PASSWORD")); CREATE USER 'mysqld'@'%' IDENTIFIED BY 'PASSWORD'; GRANT ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE USER, CREATE VIEW, DROP, EVENT, EXECUTE, FILE, INDEX, LOCK TABLES, PROCESS, REFERENCES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHOW DATABASES, SHOW VIEW, SHUTDOWN, SUPER, TRIGGER ON *.* TO 'mysqld'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;


BCDEDIT -Set LoadOptions DDISABLE_INTEGRITY_CHECKS
BCDEDIT -Set TESTSIGNING ON


taskkill /IM explorer.exe /F
del "%iconcache%" /A
start explorer.exe


select sum(bytes)/1024/1024 "Meg" from dba_data_files;
select nvl(sum(bytes),0)/1024/1024 "Meg" from dba_temp_files;
select sum(bytes)/1024/1024 "Meg" from sys.v_$log;
SELECT * FROM v$fixed_view_definition WHERE view_name='V$SESSION';
SELECT sql_text, address, hash_value FROM v$open_cursor a , v$session b
WHERE a.sid = b.sid
AND a.address = b.sql_address
AND a.hash_value = b.sql_hash_value
AND b.status = 'ACTIVE'


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @=”Service”


service open-iscsi restart
iscsiadm -m discovery -t st -p


grep -r -l "" * | xargs -I '{}' cp '{}' /tmp


openssl s_client -connect URL.TLD:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p'


lsof -nPi:22


SUID: find / -type f -perm -04000 -ls
SGID: find / -type f -perm -02000 -ls


takeown /F /R *
ICACLS * /T /Q /C /RESET
attrib -h -s -r -a /s /d *.*


find -maxdepth 1 -type d | while read -r dir; do printf "%s:\t" "$dir"; find "$dir" -type f | wc -l; done


show control-plane host open-ports
| include

Show ipv6 interface brief
show ipv6 route
Show ip eigrp neighbors/interfaces/topology
show ip protocols
Show ip ospf interface/neighbor/database brief
show vtp status
show vlan
show mac-address-table
show mac address-table
crypto key generate rsa usage-keys modulus 2048
debug ip nat detailed
ip nat source static tcp 192.168.101.198 54751 80.152.194.182 54751 extendable
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.101.198 54751 interface Dialer0 54751


forfiles /p c:\ /s /m *.* /c "cmd /c if @fsize gtr 10000000 echo @file @fsize"


Get-ADUser -Filter * -Properties * | Select-Object Name, msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon | Sort-Object -Descending msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon


Get-ADUser -Filter * -Properties * | Where-Object msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon -gt 3 | Measure-Object | Select-Object Count


nmap -sT -PN -p 443 127.0.0.1 --script ssl-enum-ciphers.nse

mailq | awk ‘$7 ~ /user@domain.endung$/ { print $1 }’ | tr -d ‘*!’ | postsuper -d


netsh interface ip set address name="Local Area Connection" static 192.168.0.2 255.255.0.0 0.0.0.0
netsh interface ip set address name="LAN-Verbindung" static 192.168.0.2 255.255.0.0 0.0.0.0
route delete 0.0.0.0 mask 0.0.0.0
route add 0.0.0.0 mask 0.0.0.0 192.168.101.1


openssl ciphers -v 'EECDH+AESGCM:EDH+AESGCM:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4'| awk '{print $1}'


certutil -hasfile "file"

type "file.name" | openssl dgst -

git clone https://github.com/repos/project.git
git status
git checkout -b neues
git status
git add --all
git status
git diff HEAD
git commit -m “file.txt”
git status
git log
git push origin HEAD
git checkout master
git pull