# Shell Fu - Oneliners

## URI analysis - JavaScript Enumeration

```
cat file.js | grep -aoP "(?<=(\"|\'|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\`))" | sort -u
```

## cURL - NTLM authentication

```
curl -k --ntlm -u username:password URL
```

With an authentication within the domain (double slash for shell as escape sequence)

```
curl -k --ntlm -u DOMAIN\\username:password URL
```

A silent (-s,--silent) version with HTTP status code reporting

```
curl -s -o /dev/null -w \"%{http_code}\" -k --ntlm -u -u username:password URL
```

## Join - User\_Pass Wordlist Compilation

A replacement of a first ":" character is needed anyway, regex replacement needed "\n:", "\n"

```
join -j 2 -t $':' users.txt pass10k.txt
```