LS Lsd 013 Rar
Rclone is a command-line program to manage files on cloud storage. Itis a feature-rich alternative to cloud vendors' web storageinterfaces. Over 40 cloud storage products supportrclone including S3 object stores, business & consumer file storageservices, as well as standard transfer protocols.
LS Lsd 013 rar
Rclone has powerful cloud equivalents to the unix commands rsync, cp,mv, mount, ls, ncdu, tree, rm, and cat. Rclone's familiar syntaxincludes shell pipeline support, and --dry-run protection. It isused at the command line, in scripts or via its API.
Rclone really looks after your data. It preserves timestamps andverifies checksums at all times. Transfers over limited bandwidth;intermittent connections, or subject to quota can be restarted, fromthe last good file transferred. You cancheck the integrity of your files. Wherepossible, rclone employs server-side transfers to minimise localbandwidth use and transfers from one provider to another withoutusing local disk.
Rclone is mature, open-source software originally inspired by rsyncand written in Go. The friendly supportcommunity is familiar with varied use cases. Official Ubuntu, Debian,Fedora, Brew and Chocolatey repos. include rclone. For the latestversion downloading from rclone.org is recommended.
Since I use so many different machines, my .bashrc always sets the command prompt to include, among other things, the name of the server I am currently logged into. This way, when I am three levels deep in telnet/ssh, I don't type the wrong thing in the wrong window. It really sucks to rm -rf . in the wrong window! (Note: At home, telnet is disabled on all machines. At work, ssh is not always enabled and I don't have root access to very many machines.)
I often found myself piping output through awk in order to get a certain column of the output, as in df -h awk 'print $2' to find the size of each of my disks. To make this easier, I created a function fawk in my .bashrc:
If you need to specify a delimiter (e.g., awk -F: for /etc/passwd), this function obviously can't handle that. The slightly-overhauled version in this gist can handle arbitrary awk arguments before the field number (but still requires input from stdin).
I have a GPG agent that makes it so I only have to enter my private key's password once every few hours. You still have to have some trust in the users of the system because your variable, functions, and aliases that you define could be extracted from RAM. However, I use this mainly for my laptop. If it gets stolen, I don't want someone easily seeing things like:
I used to set these up all over the place but then realized that it was better to just remember how to do them 'manually' because it meant I would 1) fully understand what was going on and 2) have access to these capabilities even if my custom .bashrc wasn't installed.
I've had this in my .bashrc for a while and I've found it helpful. If you are sshing in to the box, is starts screen automatically when you login, that way when your network connection gets interrupted or whatever, you don't lose whatever you were doing. It should be placed at the end.
I also find I have to include export EDITOR=vim because a number of recent distros default to nano which is most annoying to be thrown into by a utility that needs you to edit something, when I was expecting vi. :-/
I also alter my prompt. I found a long long time ago that adding the last error code is just useful enough that I like it. And I like the full pathname in the prompt. And the current screen number, too. And it just makes sense to include the current user and hostname. My prompt is PS1='\u@\h $PWD $WINDOW [$?] \$ '
This is my favourite. Causes bash to append to history instead of overwriting it. Typically when you launch bash, it loads history into memory, and when you close it it writes it out. This means that if you load two shells, use both, then close both, the one you closed last overwrites all changes.
This snippet causes it to first of all only append changes (instead of overwriting with the whole buffer), and then to cause it to, after every command, write out changes. In effect, you get a live updating .bash_history, so if you start a new terminal, you have all the commands from your other running sessions' history.
Unfortunately, awhile back I launched a shell from cron which didn't read .bashrc somehow, and chopped everything down to 500 lines, destroying over a years' history. So I recommend these go in /etc/bashrc.
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Many command shell utilities can be used to obtain this information. Examples include dir, tree, ls, find, and locate. Custom tools may also be used to gather file and directory information and interact with the Native API. Adversaries may also leverage a Network Device CLI on network devices to gather file and directory information (e.g. dir, show flash, and/or nvram).
admin@338 actors used the following commands after exploiting a machine with LOWBALL malware to obtain information about files and directories: dir c:\ >> %temp%\download dir "c:\Documents and Settings" >> %temp%\download dir "c:\Program Files\" >> %temp%\download dir d:\ >> %temp%\download
BlackEnergy gathers a list of installed apps from the uninstall program Registry. It also gathers registered mail, browser, and instant messaging clients from the Registry. BlackEnergy has searched for given file types.
Cardinal RAT checks its current working directory upon execution and also contains watchdog functionality that ensures its executable is located in the correct path (else it will rewrite the payload).
DustySky scans the victim for files that contain certain keywords and document types including PDF, DOC, DOCX, XLS, and XLSX, from a list that is obtained from the C2 as a text file. It can also identify logical drives for the infected machine.
Gamaredon Group macros can scan for Microsoft Word and Excel files to inject with additional malicious macros. Gamaredon Group has also used its backdoors to automatically list interesting files (such as Office documents) found on a system.
GeminiDuke collects information from the victim, including installed drivers, programs previously executed by users, programs and services configured to automatically run at startup, files and folders present in any user's home folder, files and folders present in any user's My Documents, programs installed to the Program Files folder, and recently accessed files, folders, and programs.
Several Lazarus Group has conducted word searches on compromised machines to identify specific documents of interest. Lazarus Group malware can use a common function to identify target files by their extension, and some also enumerate files and directories, including a Destover-like variant that lists files and gathers information for all drives.
NETEAGLE allows adversaries to enumerate and modify the infected host's file system. It supports searching for directories, creating directories, listing directory contents, reading and writing to files, retrieving file attributes, and retrieving volume information.
Rising Sun can enumerate information about files from the infected system, including file size, attributes, creation time, last access time, and write time. Rising Sun can enumerate the compilation timestamp of Windows executable files.
Sowbug identified and extracted all Word documents on a server by using a command containing * .doc and *.docx. The actors also searched for documents based on a specific date range and attempted to identify all installed software on a victim.
TrickBot searches the system for all of the following file extensions: .avi, .mov, .mkv, .mpeg, .mpeg4, .mp4, .mp3, .wav, .ogg, .jpeg, .jpg, .png, .bmp, .gif, .tiff, .ico, .xlsx, and .zip. It can also obtain browsing history, cookies, and plug-in information.
Turla surveys a system upon check-in to discover files in specific locations on the hard disk %TEMP% directory, the current user's desktop, the Program Files directory, and Recent. Turla RPC backdoors have also searched for files matching the lPH*.dll pattern.
XAgentOSX contains the readFiles function to return a detailed listing (sometimes recursive) of a specified directory. XAgentOSX contains the showBackupIosFolder function to check for IOS device backups by running ls -la /Library/Application\ Support/MobileSync/Backup/.
Zebrocy searches for files that are 60mb and less and contain the following extensions: .doc, .docx, .xls, .xlsx, .ppt, .pptx, .exe, .zip, and .rar. Zebrocy also runs the echo %APPDATA% command to list the contents of the directory. Zebrocy can obtain the current execution path as well as perform drive enumeration.
Monitor executed commands and arguments that may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. For network devices, monitor executed commands in AAA logs, especially those run by unexpected or unauthorized users.
My belief is that all file managers suck. There are no exceptions to this. So, for the past few months, I've been sourcing a file with a bunch of tricks I've invented / found through browsing the web to make using just bash as a file manager much more convenient. 041b061a72