# command line

ports=$(nmap -p- --min-rate=1000 -T4 10.10.10.188 | grep ^\[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//) nmap -v -sCSV -p$ports -A -oA nmap/initial 10.10.10.188

msfdb run

cme smb 10.10.10.x

enum4linux -v 10.10.10.x >enum.txt

smbclient -L //10.10.10.x

smbclient -N//10.10.10.x/dir

smbmap -H 10.10.10.x -u anonymous

smbmap -H 10.10.10.x -u anonymous -r --depth 5

nmap -v -sCSV -A -oA nmap/initial 10.10.10.x

nmap -Pn -vvv -p21 10.10.10.x

nmap -p389 --script ldapsearc -Pn 10.10.10.x

dirb <http://10.10.10.x> -o >dirb-output

nikto -h 10.10.10.x -p80 -o nikto-results-f.txt

rpclient -U "" 10.10.10.10

```
serinfo

enumdomusers

getdompwinfo
```

```bash
$ wget -e robots=off -r -np 'http://example.com/folder/'


-e robots=off causes it to ignore robots.txt for that domain
-r makes it recursive
-np = no parents, so it doesn't follow links up to the parent folder
```

```bash
find . -readable -u <usernam>

find / user <username> 2>/dev/null
```

```bash
find / -newermt "2019-11-25" ! -newermt "2019-12-10" -ls 2>/dev/null
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://0xdecaf2bad.gitbook.io/red-team-notes/command-line.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.