chris@ckral.de:~/$ ls -knowledge/ | head -n 15
4 -rw-r--r-- 1 chris 1857 2018-05-02 07:24:43 +0100 CISCO 29xx Template
4 -rw-r--r-- 1 chris 1584 2016-02-18 21:12:05 +0100 VI/VIM
4 -rw-r--r-- 1 chris 1281 2017-07-08 22:30:09 +0100 Gedanken
4 -rw-r--r-- 1 chris 2334 2018-03-03 23:11:44 +0100 Windows-Script ersetzen Leerzeichen durch Underscore
chris@ckral.de:~/$ cat Wissen/h4>
wmic useraccount where (name='username' and domain='domain.loc') get sid
wbadmin delete systemstatebackup -keepVersions:1
vssadmin delete shadows /for=C: /oldest
Set-MpPreference -DisableRealtimeMonitoring $true
chglogon /DISABLE /DRAIN /DRAINUNTILRESTART /ENABLE
forfiles /S /M * /C "cmd /c if @fsize GEQ 1073741824 echo @path"
Profilstatus: HKLM\SOFTWARE\MICROSOFT\Windows NT\Currentversion\Profilelist
bcdedit /set {bootmgr} displaybootmenu yes
dfsrdiag syncnow /partner:MainDFSSRV /member:SRV-DFSMember1,SRV-DFSMember2 /RGName:Domäne.tld\ /Time:1
find . -type f -name "*.eml" -print0 |xargs --null grep "Suchbegriff" > /tmp/ergebnis.txt
psexec \\%1 netsh firewall set opmode disable
Get-WindowsCapability -Online |? {$_.Name -like "*RSAT*" -and $_.State -eq "NotPresent"} | Add-WindowsCapability -Online
sudo snap remove snap-store; sudo snap remove gtk-common-themes; sudo snap remove gnome-3-34-1804; sudo snap remove core18
sudo umount /snap/core/xxxx (df -h)
sudo rm rf ~/snap; sudo rm ~rf /snap; sudo rm ~rf /var/snap; sudo rm ~rf /var-/ib/snapd
for i in `seq 1 254`; do
if ping -c1 10.0.0.$i ; then
echo 10.0.0.$1 >> hosts; fi; done
net stop bits
net stop cryptsvc
net stop wuauserv
ren %windir%\SoftwareDistribution SoftwareDistribution.old
ren %windir%\system32\catroot2 catroot2.old
net start bits
net start cryptsvc
net start wuauserv
DISM.exe /Online /Cleanup-Image /RestoreHealth /Source:C:\RepairSource\Windows /LimitAccess
CertUtil -hashfile C:\TEMP\MyDataFile.img MD5
$regex=" \(\d{4}_\d{2}_\d{2} \d{2}_\d{2}_\d{2} UTC\)"
Get-ChildItem *UTC* -Recurse | Where-Object {$_.Name -match $regex} | Rename-Item -NewName {$_.Name -replace $regex} -Verbose
sudo strings '/sys/firmware/acpi/tables/MSDM'
netsh advfirewall firewall add rule dir=in name="DCOM" program=%systemroot%\system32\svchost.exe service=rpcss action=allow protocol=TCP localport=135
netsh advfirewall firewall add rule dir=in name ="WMI" program=%systemroot%\system32\svchost.exe service=winmgmt action = allow protocol=TCP localport=any
netsh advfirewall firewall add rule dir=in name ="UnsecApp" program=%systemroot%\system32\wbem\unsecapp.exe action=allow
netsh advfirewall firewall add rule dir=out name ="WMI_OUT" program=%systemroot%\system32\svchost.exe service=winmgmt action=allow protocol=TCP localport=any
#!/bin/bash
set -x # Echo
set -e # Stop on error
set -o noclobber # Dont overwrite files with redirection
iptables-save > iptables.$(date +%s)
echo "iptables saves to iptables.$(date +%s)"
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("X:\\SMBSHARE\fundstelle.txt", 8, True, 0)
Dim WshNetwork
Set WshNetwork = CreateObject("WScript.Network")
ComputerName = WshNetwork.ComputerName
Set colFolders = objWMIService.ExecQuery _
("Select * from Win32_Directory where Name Like 'SUCHSTRING'")
On Error Resume Next
objFile.WriteLine "PC: " & ComputerName
For Each objFolder in colFolders
objFile.WriteLine "Name: " & objFolder.Name
Next
objFile.Close
objFileToRead.Close
net stop cpsvc /y
net stop spooler /y
del %windir%\system32\spool\PRINTERS\*.* /f /q
net start spooler
net start cpsvc
GRANT ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE USER, CREATE VIEW, DROP, EVENT, EXECUTE, FILE, INDEX, LOCK TABLES, PROCESS, REFERENCES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHOW DATABASES, SHOW VIEW, SHUTDOWN, SUPER, TRIGGER ON *.* TO 'root'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;
insert into mysql.user(Host,User,Password) values("%","mysqld",password("PASSWORD")); CREATE USER 'mysqld'@'%' IDENTIFIED BY 'PASSWORD'; GRANT ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE USER, CREATE VIEW, DROP, EVENT, EXECUTE, FILE, INDEX, LOCK TABLES, PROCESS, REFERENCES, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHOW DATABASES, SHOW VIEW, SHUTDOWN, SUPER, TRIGGER ON *.* TO 'mysqld'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;
BCDEDIT -Set LoadOptions DDISABLE_INTEGRITY_CHECKS
BCDEDIT -Set TESTSIGNING ON
taskkill /IM explorer.exe /F
del "%iconcache%" /A
start explorer.exe
select sum(bytes)/1024/1024 "Meg" from dba_data_files;
select nvl(sum(bytes),0)/1024/1024 "Meg" from dba_temp_files;
select sum(bytes)/1024/1024 "Meg" from sys.v_$log;
SELECT * FROM v$fixed_view_definition WHERE view_name='V$SESSION';
SELECT sql_text, address, hash_value
FROM v$open_cursor a , v$session b
WHERE a.sid = b.sid
AND a.address = b.sql_address
AND a.hash_value = b.sql_hash_value
AND b.status = 'ACTIVE'
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@=”Service”
service open-iscsi restart
iscsiadm -m discovery -t st -p
grep -r -l "" * | xargs -I '{}' cp '{}' /tmp
openssl s_client -connect URL.TLD:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p'
lsof -nPi:22
SUID: find / -type f -perm -04000 -ls
SGID: find / -type f -perm -02000 -ls
takeown /F /R *
ICACLS * /T /Q /C /RESET
attrib -h -s -r -a /s /d *.*
find -maxdepth 1 -type d | while read -r dir; do printf "%s:\t" "$dir"; find "$dir" -type f | wc -l; done
show control-plane host open-ports
| include
Show ipv6 interface brief
show ipv6 route
Show ip eigrp neighbors/interfaces/topology
show ip protocols
Show ip ospf interface/neighbor/database brief
show vtp status
show vlan
show mac-address-table
show mac address-table
crypto key generate rsa usage-keys modulus 2048
debug ip nat detailed
ip nat source static tcp 192.168.101.198 54751 80.152.194.182 54751 extendable
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.101.198 54751 interface Dialer0 54751
forfiles /p c:\ /s /m *.* /c "cmd /c if @fsize gtr 10000000 echo @file @fsize"
Get-ADUser -Filter * -Properties * | Select-Object Name, msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon | Sort-Object -Descending msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon
Get-ADUser -Filter * -Properties * | Where-Object msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon -gt 3 | Measure-Object | Select-Object Count
nmap -sT -PN -p 443 127.0.0.1 --script ssl-enum-ciphers.nse
mailq | awk ‘$7 ~ /user@domain.endung$/ { print $1 }’ | tr -d ‘*!’ | postsuper -d
netsh interface ip set address name="Local Area Connection" static 192.168.0.2 255.255.0.0 0.0.0.0
netsh interface ip set address name="LAN-Verbindung" static 192.168.0.2 255.255.0.0 0.0.0.0
route delete 0.0.0.0 mask 0.0.0.0
route add 0.0.0.0 mask 0.0.0.0 192.168.101.1
openssl ciphers -v 'EECDH+AESGCM:EDH+AESGCM:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4'| awk '{print $1}'
certutil -hasfile "file"
type "file.name" | openssl dgst -
git clone https://github.com/repos/project.git
git status
git checkout -b neues
git status
git add --all
git status
git diff HEAD
git commit -m “file.txt”
git status
git log
git push origin HEAD
git checkout master
git pull