4li3n’s after midnight useless news and links – 2011.07.31 (*Se>x<curity* edition)

A big thanx to Ariskos Kosm for suggesting this edition’s name!

[INFO] Session Management Cheat Sheet (by OWASP) -> http://goo.gl/HlyZ5
[NEWS] Rapid7 announces Metasploit Pro 4.0 -> http://goo.gl/kXHfQ
[POST] ModSecurity SQL Injection Challenge: Lessons Learned -> http://goo.gl/E1jYL
[POST] Password Cracking in Metasploit with John the Ripper -> http://goo.gl/5ddik
[NEWS] Lulzec’s Topiary arrested -> http://goo.gl/2lx4c , http://goo.gl/YmRPb
[NEWS] … or not! -> http://goo.gl/tPTjK , http://goo.gl/NM9NQ
[PRESENTATION] Hacking IPv6 Networks (from HiP2011 con) -> http://goo.gl/Ggaoq
[SCRIPT] Apache Log Extractor: export URL information from Apache access logs -> http://goo.gl/o7lDA
[TOOL] Xdebug: debug your PHP scripts -> http://goo.gl/iDBAs
[UPDATE] Netsparker 2.0 has arrived! -> http://goo.gl/2OMEI
[NEWS] Stolen USB stick contained police investigation details -> http://goo.gl/BhakB
[TOOL] Online Local File Inclusion Scanner -> http://goo.gl/W735y
[POST] “Activate Skype”. Or not… -> http://goo.gl/r2A1R
[NEWS] Flying Drone Can Crack Wi-Fi Networks, Snoop On Cell Phones -> http://goo.gl/j9jd9
[POST] Infographic: A Deeper Look at Malware Networks -> http://goo.gl/HDhX1
[POST] IR communications tutorial -> http://goo.gl/lhKRx
[GADGET] Throwing Star LAN Tap -> http://goo.gl/f2XXN
[NEWS] Anonymous steals 390MB from U.S. cybersecurity contractor ManTech -> http://goo.gl/hKHRt
[POST] Sophisticated injection abuses the Twitter trend service -> http://goo.gl/jGAfs
[TOOL] Revolutionary: tool to S-Off and NAND unlock most modern HTC devices -> http://goo.gl/A6UEz
[POST] Drag and Drop Vulnerability in MS11-050 -> http://goo.gl/qVUYz


BeEF tunneling proxy (for fun and profit) by Michele "antisnatchor" Orru’ (on Vimeo)

BeEF tunneling proxy (for fun and profit) from Michele “antisnatchor” Orru’ on Vimeo.

Using the victim browser hooked in BeEF as a tunneling proxy, we will see the following scenarios:
– browsing the authenticated surface of the hooked domain through the security context of the victim browser;
– spidering the hooked domain through the security context of the victim browser;
– finding and exploiting SQLi with Burp Pro Scanner + sqlmap (through the victim browser too 🙂 ).

4li3n’s after midnight useless news and links – 2011.07.14 (*nevermind* edition)

[POST] Cross domain content extraction with fake captcha -> http://goo.gl/uNHwZ
[POST] Making NMap Results Useful and Manageable! -> http://goo.gl/4hcu1
[POST] phpMyAdmin 3.x Multiple Remote Code Executions -> http://goo.gl/iNJrm
[BULLETIN] Guidelines for protecting Basic Input/Output System (BIOS) firmware (NIST – PDF) -> http://goo.gl/0vyDu
[POST] XSSF: Expanding the Attack Surface of XSS -> http://goo.gl/ZfC1s
[ARTICLE] Windows x64 Shellcode -> http://goo.gl/e8nG8
[INFO] Botan C++ Crypto Algorithms Library 1.10.1 -> http://goo.gl/p3PP1
[INFO] Anonymity with Backtrack 5 -> http://goo.gl/X3F8s
[POST] Digital Evidence Discrepancies – Casey Anthony Trial -> http://goo.gl/nOEd4
[POST] CVE-2011-1281: A story of a Windows CSRSS Privilege Escalation vulnerability -> http://goo.gl/qgLVG
[NEWS] Military Meltdown Monday: 90K Military Usernames, Hashes Released -> http://goo.gl/SLtZN
[UPDATE] Razorback 0.2RC available -> http://goo.gl/RUum3
[VULN] Microsoft Windows Kernel ‘Win32k.sys’ (CVE-2011-1885) Local Privilege Escalation -> http://goo.gl/pjcB9
[VULN] Microsoft Windows CSRSS ‘SrvWriteConsoleOutput()’ Local Privilege Escalation -> http://goo.gl/D9mwq
[VULN] Microsoft Windows Bluetooth Stack ‘bthport.sys’ Driver Remote Code Execution -> http://goo.gl/fJIx2
[POST] Cracking Mac OS X Passwords -> http://goo.gl/nCypo
[HOW-TO] A Guide to Building a Socket 1155 z68x Hackintosh Running Apple’s Next Gen OS – Lion -> http://goo.gl/Hs9ce
[POST] Wiretapping and Cryptography Today -> http://goo.gl/K47fD
[UPDATE] PuTTY 0.61 is released -> http://goo.gl/M3I0F
[POST] Decrypting Carberp C&C communication -> http://goo.gl/mwUNg
[NEWS] Vodafone Hacked – Root Password published -> http://goo.gl/6GFVI
[POST] Mitigating Slow HTTP DoS Attacks -> http://goo.gl/XfnxA

4li3n’s after midnight useless news and links – 2011.07.12 (*unique editions* edition)

[SCRIPT] TLSSLed v1.1: Script to assess the security of a target SSL/TLS implementation from a HTTPS web server -> http://goo.gl/UMXPp
[DISTRO] Live CD for RFID hacking on the go (thanx mr.pr0n) -> http://goo.gl/qlRW3
[INFO] InnoDB subsystems in color -> http://goo.gl/E9IUx
[POST] Chrome Extensions for Security Professionals -> http://goo.gl/UER9N
[POST] Reverse Engineering VxWorks Firmware (WRT54Gv8) -> http://goo.gl/uzvel
[HOW-TO] Set Up A Web-Based Enterprise Password Manager Protected By Two-Factor Authentication -> http://goo.gl/lbu30
[METASPLOIT] Rev. 13135: built in John the Ripper support -> http://goo.gl/oyzn3
[POST] Facts and myths about antivirus evasion with Metasploit -> http://goo.gl/NM8kP
[EXPLOIT] phpMyAdmin 3.x Swekey Remote Code Injection Exploit -> http://goo.gl/N6Aof
[POST] Binary Planting Goes “Any File Type” -> http://goo.gl/fS3fI
[POST] Reversing Jailbreakme.com 4.3.3 -> http://goo.gl/x5ckq
[NEWS] David Beckham official website hacked -> http://goo.gl/v7CiQ , http://goo.gl/OqwXj
[NEWS] Microsoft: No botnet is indestructible -> http://goo.gl/dtwT6
[POST] Metasploit 3.4 and SET 0.6.1 on iPhone 4 -> http://goo.gl/5shrc
[SCRIPT] Update Script for Backtrack 5 -> http://goo.gl/7p4tX
[UPDATE] Python 3.2.1 is released -> http://goo.gl/OxPkh
[NEWS] WashingtonPost jobs site attacked -> http://goo.gl/B6ecx
[SHEET] Netcat cheat sheet -> http://goo.gl/aaPaJ
[BOOK] Metasploit: The Penetration Tester’s Guide -> http://goo.gl/KkQYx
[POST] Backdooring Win7 and LotusNotes 8.5.x using Uniscribe dll path spoofing -> http://goo.gl/M5Zxy
[POST] Abusing Password Resets -> http://goo.gl/paS55
[POST] HTML 5 – XSSQL attack -> http://goo.gl/7okn8
[POST] New SMS Trojan Targeting Android Users -> http://goo.gl/r8cu0

4li3n’s after midnight useless news and links – 2011.07.11 (*not-so-cool* edition)

[NEWS] Registrations are now open at s3cure.gr -> http://goo.gl/7rZ6r
[SHEET] Windows registry quick reference (PDF) -> http://goo.gl/C5EPy
[POST] Hacking Windows Using Evilgrade -> http://goo.gl/jRH3S
[POST] Georgio Fedon’s presentation from AthCon 2011 -> http://goo.gl/Rjtqk
[NEWS] Hellenic parliament site hacked -> http://goo.gl/9pFVP
[POST] Secure IPsec/L2TP VPN for on the road android devices -> http://goo.gl/dhHQQ
[EXPLOIT] Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability -> http://goo.gl/E7je6
[TOOL] Vega v1.0 Beta released: OSS web applications Testing platform -> http://goo.gl/HrEos
[TOOL] Incident Analyser 1.0 released -> http://goo.gl/M5do3
[TOOL] BeEF The Browser Exploitation Framework released -> http://goo.gl/zq0jx
[SCRIPT] XSS-harvest: Harvesting Cross Site Scripting, Clicks, Keystrokes and Cookies -> http://goo.gl/9oRMr
[NEWS] Kevin Mitnick shows how easy it is to hack a phone -> http://goo.gl/414d0
[NEWS] Public exploit puts iPhone users at risk -> http://goo.gl/De19w
[INFO] The Two Faces of Hacking (hacking matrix) -> http://goo.gl/z4ljZ
[POST] Hacking with JSP Shells -> http://goo.gl/EtrR2
[POST] How To Own Every User On A Social Networking Site -> http://goo.gl/Ov4hZ
[INFO] Hewlett Packard’s Laptop Lock Takes Only Seconds To Crack -> http://goo.gl/d8h6E
[INFO] Gruyere: Web Application Exploits and Defenses http://goo.gl/94k0G
[NEWS] HNN is shutting down. The LAST episode of HNNCast -> http://goo.gl/JzFih
[POST] Javascript Obfuscation in Metasploit -> http://goo.gl/Tmzbz

Linux CLI reference

Command Description
apropos whatis Show commands pertinent to string.
man -t man | ps2pdf – > man.pdf make a pdf of a manual page
which command Show full path name of command
time command See how long a command takes
time cat Start stopwatch. Ctrl-d to stop.
nice info Run a low priority command (The “info” reader in this case)
renice 19 -p $ Make shell (script) low priority. Use for non interactive tasks
dir navigation
cd – Go to previous directory
cd Go to $HOME directory
(cd dir && command) Go to dir, execute command and return to current dir
pushd . Put current dir on stack so you can popd back to it
file searching
alias l=’ls -l –color=auto’ quick dir listing
ls -lrt List files by date.
ls /usr/bin | pr -T9 -W$COLUMNS Print in 9 columns to width of terminal
find -name ‘*.[ch]‘ | xargs grep -E ‘expr’ Search ‘expr’ in this dir and below.
find -type f -print0 | xargs -r0 grep -F ‘example’ Search all regular files for ‘example’ in this dir and below
find -maxdepth 1 -type f | xargs grep -F ‘example’ Search all regular files for ‘example’ in this dir
find -maxdepth 1 -type d | while read dir; do echo $dir; echo cmd2; done Process each item with multiple commands (in while loop)
find -type f ! -perm -444 Find files not readable by all (useful for web site)
find -type d ! -perm -111 Find dirs not accessible by all (useful for web site)
locate -r ‘file[^/]*.txt’ Search cached index for names. This re is like glob *file*.txt
look reference Quickly search (sorted) dictionary for prefix
grep –color reference /usr/share/dict/words Highlight occurances of regular expression in dictionary
archives and compression
gpg -c file Encrypt file
gpg file.gpg Decrypt file
tar -c dir/ | bzip2 > dir.tar.bz2 Make compressed archive of dir/
bzip2 -dc dir.tar.bz2 | tar -x Extract archive (use gzip instead of bzip2 for tar.gz files)
tar -c dir/ | gzip | gpg -c | ssh user@remote ‘dd of=dir.tar.gz.gpg’ Make encrypted archive of dir/ on remote machine
find dir/ -name ‘*.txt’ | tar -c –files-from=- | bzip2 > dir_txt.tar.bz2 Make archive of subset of dir/ and below
find dir/ -name ‘*.txt’ | xargs cp -a –target-directory=dir_txt/ –parents Make copy of subset of dir/ and below
( tar -c /dir/to/copy ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) copy/ dir to /where/to/ dir
( cd /dir/to/copy && tar -c . ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) contents of copy/ dir to /where/to/
( tar -c /dir/to/copy ) | ssh -C user@remote ‘cd /where/to/ && tar -x -p’ Copy (with permissions) copy/ dir to remote:/where/to/ dir
dd bs=1M if=/dev/sda | gzip | ssh user@remote ‘dd of=sda.gz’ Backup harddisk to remote machine
rsync (Network efficient file copier: Use the –dry-run option for testing)
rsync -P rsync://rsync.server.com/path/to/file file Only get diffs. Do multiple times for troublesome downloads
rsync –bwlimit=1000 fromfile tofile Locally copy with rate limit. It’s like nice for I/O
rsync -az -e ssh –delete ~/public_html/ remote.com:’~/public_html’ Mirror web site (using compression and encryption)
rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/ Synchronize current directory with remote one
ssh (Secure SHell)
ssh $USER@$HOST command Run command on $HOST as $USER (default command=shell)
ssh -f -Y $USER@$HOSTNAME xeyes Run GUI command on $HOSTNAME as $USER
scp -p -r $USER@$HOST: file dir/ Copy with permissions to $USER’s home directory on $HOST
ssh -g -L 8080:localhost:80 root@$HOST Forward connections to $HOSTNAME:8080 out to $HOST:80
ssh -R 1434:imap:143 root@$HOST Forward connections from $HOST:1434 in to imap:143
wget (multi purpose download tool)
(cd dir/ && wget -nd -pHEKk http://www.pixelbeat.org/cmdline.html) Store local browsable version of a page to the current dir
wget -c http://www.example.com/large.file Continue downloading a partially downloaded file
wget -r -nd -np -l1 -A ‘*.jpg’ http://www.example.com/dir/ Download a set of files to the current directory
wget ftp://remote/file[1-9].iso/ FTP supports globbing directly
wget -q -O- http://www.pixelbeat.org/timeline.html | grep ‘a href’ | head Process output directly
echo ‘wget url’ | at 01:00 Download url at 1AM to current dir
wget –limit-rate=20k url Do a low priority download (limit to 20KB/s in this case)
wget -nv –spider –force-html -i bookmarks.html Check links in a file
wget –mirror http://www.example.com/ Efficiently update a local copy of a site (handy from cron)
networking (Note ifconfig, route, mii-tool, nslookup commands are obsolete)
ethtool eth0 Show status of ethernet interface eth0
ethtool –change eth0 autoneg off speed 100 duplex full Manually set ethernet interface speed
iwconfig eth1 Show status of wireless i
nterface eth1
iwconfig eth1 rate 1Mb/s fixed Manually set wireless interface speed
iwlist scan List wireless networks in range
ip link show List network interfaces
ip link set dev eth0 name wan Rename interface eth0 to wan
ip link set dev eth0 up Bring interface eth0 up (or down)
ip addr show List addresses for interfaces
ip addr add brd + dev eth0 Add (or del) ip and mask (
ip route show List routing table
ip route add default via Set default gateway to
tc qdisc add dev lo root handle 1:0 netem delay 20msec Add 20ms latency to loopback device (for testing)
tc qdisc del dev lo root Remove latency added above
host pixelbeat.org Lookup DNS ip address for name or vice versa
hostname -i Lookup local ip address (equivalent to host `hostname`)
whois pixelbeat.org Lookup whois info for hostname or ip address
netstat -tupl List internet services on a system
netstat -tup List active connections to/from system
windows networking (Note samba is the package that provides all this windows specific networking support)
smbtree Find windows machines. See also findsmb
nmblookup -A Find the windows (netbios) name associated with ip address
smbclient -L windows_box List shares on windows machine or samba server
mount -t smbfs -o fmask=666,guest //windows_box/share /mnt/share Mount a windows share
echo ‘message’ | smbclient -M windows_box Send popup to windows machine (off by default in XP sp2)
text manipulation (Note sed uses stdin and stdout. Newer versions support inplace editing with the -i option)
sed ‘s/string1/string2/g’ Replace string1 with string2
sed ‘s/(.*)1/12/g’ Modify anystring1 to anystring2
sed ‘/ *#/d; /^ *$/d’ Remove comments and blank lines
sed ‘:a; /\$/N; s/\n//; ta’ Concatenate lines with trailing
sed ‘s/[ t]*$//’ Remove trailing spaces from lines
sed ‘s/([`”$])/\1/g’ Escape shell metacharacters active within double quotes
seq 10 | sed “s/^/      /; s/ *(.{7,})/1/” Right align numbers
sed -n ’1000{p;q}’ Print 1000th line
sed -n ’10,20p;20q Print lines 10 to 20
sed -n ‘s/.*<title>(.*)</title>.*/1/ip;T;q Extract title from HTML web page
sed -i 42d ~/.ssh/known_hosts Delete a particular line
sort -t. -k1,1n -k2,2n -k3,3n -k4,4n Sort IPV4 ip addresses
echo ‘Test’ | tr ‘[:lower:]‘ ‘[:upper:]‘ Case conversion
tr -dc ‘[:print:]‘ < /dev/urandom Filter non printable characters
history | wc -l Count lines
set operations (Note you can export LANG=C for speed. Also these assume no duplicate lines within a file)
sort file1 file2 | uniq Union of unsorted files
sort file1 file2 | uniq -d Intersection of unsorted files
sort file1 file1 file2 | uniq -u Difference of unsorted files
sort file1 file2 | uniq -u Symmetric Difference of unsorted files
join -t’′ -a1 -a2 file1 file2 Union of sorted files
join -t’′ file1 file2 Intersection of sorted files
join -t’′ -v2 file1 file2 Difference of sorted files
join -t’′ -v1 -v2 file1 file2 Symmetric Difference of sorted files
echo ‘(1 + sqrt(5))/2′ | bc -l Quick math (Calculate ?).
echo ‘pad=20; min=64; (100*10^6)/((pad+min)*8)’ | bc More complex (int) e.g. This shows max FastE packet rate
echo ‘pad=20; min=64; print (100E6)/((pad+min)*8)’ | python Python handles scientific notation
echo ‘pad=20; plot [64:1518] (100*10**6)/((pad+x)*8)’ | gnuplot -persist Plot FastE packet rate vs packet size
echo ‘obase=16; ibase=10; 64206′ | bc Base conversion (decimal to hexadecimal)
echo $((0x2dec)) Base conversion (hex to dec) ((shell arithmetic expansion))
units -t ’100m/9.58s’ ‘miles/hour’ Unit conversion (metric to imperial)
units -t ’500GB’ ‘GiB’ Unit conversion (SI to IEC prefixes)
units -t ’1 googol’ Definition lookup
seq 100 | (tr ‘n’ +; echo 0) | bc Add a column of numbers.
cal -3 Display a calendar
cal 9 1752 Display a calendar for a particular month year
date -d fri What date is it this friday.
[ $(date -d “tomorrow” +%d) = “01” ] || exit exit a script unless it’s the last day of the month
date –date=’25 Dec’ +%A What day does xmas fall on, this year
date –date=’@2147483647′ Convert seconds since the epoch (1970-01-01 UTC) to date
TZ=’America/Los_Angeles’ date What time is it on west coast of US (use tzselect to find TZ)
date –date=’TZ=”America/Los_Angeles” 09:00 next Fri’ What’s the l
ocal time for 9AM next Friday on west coast US
echo “mail -s ‘get the train’ P@draigBrady.com < /dev/null” | at 17:45 Email reminder
echo “DISPLAY=$DISPLAY xmessage cooker” | at “NOW + 30 minutes” Popup reminder
printf “%’dn” 1234 Print number with thousands grouping appropriate to locale
BLOCK_SIZE=’1 ls -l get ls to do thousands grouping appropriate to locale
echo “I live in `locale territory`” Extract info from locale database
LANG=en_IE.utf8 locale int_prefix Lookup locale info for specific country.
locale | cut -d= -f1 | xargs locale -kc | less List fields available in locale database
recode (Obsoletes iconv, dos2unix, unix2dos)
recode -l | less Show available conversions (aliases on each line)
recode windows-1252.. file_to_change.txt Windows “ansi” to local charset (auto does CRLF conversion)
recode utf-8/CRLF.. file_to_change.txt Windows utf8 to local charset
recode iso-8859-15..utf8 file_to_change.txt Latin9 (western europe) to utf8
recode ../b64 < file.txt > file.b64 Base64 encode
recode /qp.. < file.qp > file.txt Quoted printable decode
recode ..HTML < file.txt > file.html Text to HTML
recode -lf windows-1252 | grep euro Lookup table of characters
echo -n 0×80 | recode latin-9/x1..dump Show what a code represents in latin-9 charmap
echo -n 0x20AC | recode ucs-2/x2..latin-9/x Show latin-9 encoding
echo -n 0x20AC | recode ucs-2/x2..utf-8/x Show utf-8 encoding
gzip < /dev/cdrom > cdrom.iso.gz Save copy of data cdrom
mkisofs -V LABEL -r dir | gzip > cdrom.iso.gz Create cdrom image from contents of dir
mount -o loop cdrom.iso /mnt/dir Mount the cdrom image at /mnt/dir (read only)
cdrecord -v dev=/dev/cdrom blank=fast Clear a CDRW
gzip -dc cdrom.iso.gz | cdrecord -v dev=/dev/cdrom – Burn cdrom image (use dev=ATAPI -scanbus to confirm dev)
cdparanoia -B Rip audio tracks from CD to wav files in current dir
cdrecord -v dev=/dev/cdrom -audio -pad *.wav Make audio CD from all wavs in current dir (see also cdrdao)
oggenc –tracknum=’track’ track.cdda.wav -o ‘track.ogg’ Make ogg file from wav file
disk space
ls -lSr Show files by size, biggest last
du -s * | sort -k1,1rn | head Show top disk users in current dir.
df -h Show free space on mounted filesystems
df -i Show free inodes on mounted filesystems
fdisk -l Show disks partitions sizes and types (run as root)
rpm -q -a –qf ‘%10{SIZE}t%{NAME}n’ | sort -k1,1n List all packages by installed size (Bytes) on rpm distros
dpkg-query -W -f=’${Installed-Size;10}t${Package}n’ | sort -k1,1n List all packages by installed size (KBytes) on deb distros
dd bs=1 seek=2TB if=/dev/null of=ext3.test Create a large test file (taking no space).
> file truncate data of file or create an empty file
tail -f /var/log/messages Monitor messages in a log file
strace -c ls >/dev/null Summarise/profile system calls made by command
strace -f -e open ls >/dev/null List system calls made by command
ltrace -f -e getenv ls >/dev/null List library calls made by command
lsof -p $ List paths that process id has open
lsof ~ List processes that have specified path open
tcpdump not port 22 Show network traffic except ssh.
ps -e -o pid,args –forest List processes in a hierarchy
ps -e -o pcpu,cpu,nice,state,cputime,args –sort pcpu | sed ‘/^ 0.0 /d’ List processes by % cpu usage
ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS List processes by mem (KB) usage.
ps -C firefox-bin -L -o pid,tid,pcpu,state List all threads for a particular process
ps -p 1,2 List info for particular process IDs
last reboot Show system reboot history
free -m Show amount of (remaining) RAM (-m displays in MB)
watch -n.1 ‘cat /proc/interrupts’ Watch changeable data continuously
system information (‘#’ means root access is required)
uname -a Show kernel version and system architecture
head -n1 /etc/issue Show name and version of distribution
cat /proc/partitions Show all partitions registered on the system
grep MemTotal /proc/meminfo Show RAM total seen by the system
grep “model name” /proc/cpuinfo Show CPU(s) info
lspci -tv Show PCI info
lsusb -tv Show USB info
mount | column -t List mounted filesystems on the system (and align output)
grep -F capacity: /proc/acpi/battery/BAT0/info Show state of cells in laptop battery
# dmidecode -q | less Display SMBIOS/DMI information
# smartctl -A /dev/sda | grep Power_On_Hours How long has this disk (system) been powered on in total
# hdparm -i /dev/sda Show info about disk sda
# hdparm -tT /dev/sda Do a read speed test on disk sda
# badblocks -s /dev/sda Test for unreadable blocks on disk sda
readline Line editor used by bash, python, bc, gnuplot, …

screen Virtual terminals with detach capability, …
mc Powerful file manager that can browse rpm, tar, ftp, ssh, …
gnuplot Interactive/scriptable graphing
links Web browser
xdg-open . open a file or url with the registered desktop application
alias hd=’od -Ax -tx1z -v’ Handy hexdump. (usage e.g.: • hd /proc/self/cmdline | less)
alias realpath=’readlink -f’ Canonicalize path. (usage e.g.: • realpath ~/../$USER)
set | grep $USER Search current environment
touch -c -t 0304050607 file Set file timestamp (YYMMDDhhmm)
python -m SimpleHTTPServer Serve current directory tree at http://$HOSTNAME:8000/

This is just a repost from https://www.sanctuarydatasystems.co.uk/data-backup/linux-cli-reference/