Definitive Shell Efficiency

side note - I'm trying this new thing where I write as many blog posts as possible. If I can't think of any good ideas, then I lower my standards and write a mediocre blog post. With that being said, I present my blog post on "definitive shell efficiency"


I like to work quickly and efficiently. As such, I spend as much time in a terminal as possible. I've picked up a few tricks over the years to make working in the terminal as efficient as possible. Here are some of those tricks.

For reference, I primarily use native GNU Bash on OS X

First and foremost...


People commonly refer to periods of human history in BC and AD, to signify whether an event happened before or after Christ's death. I commonly refer to things that have happened in the past by referencing whether it happened before or after I discovered pbcopy and pbpaste, if that says anything about how much of an impact these utilities have had on my life.

On OS X, pbcopy and pbpaste are native tools to allow you interact with the clipboard via the command line. They are not installed by default on Linux, but they can be configured easily.

pbcopy simply takes the STDOUT of a command and copies it to your clipboard, like so:

~ >> ifconfig en0 | pbcopy
~ >>

Then you can access the text by either right-clicking and pasting, or using pbpaste.

pbpaste does the opposite. It outputs whatever is in the clipboard to STDOUT, like so:

~ >> pbpaste
    ether 54:26:96:xx:xx:xx 
    inet netmask 0xffffff00 broadcast
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active

You can use them solely on the command line:

~ >> echo ayy lmao | pbcopy
~ >> 
~ >> 
~ >> pbpaste
ayy lmao  
~ >> 

...or your you can copy/paste regularly using right-click or CTRL+C/CTRL+V. Gone are the days of having to copy something from a web page into a terminal, paste it into nano or vim, cat the file to perform the text manipulation, output the file to another file, then rename the new file. It just works.

pbcopy and pbpaste can be jerry-rigged in Linux by installing the xclip package and creating aliases in .bashrc.

$ sudo apt-get install xclip
$ echo AAAA | xclip -i
$ xclip -o

Append the following to your .bashrc file to use the same familiar pbcopy and pbpaste syntax:

alias pbcopy='xclip -i'  
alias pbpaste='xclip -o'  

Native bash shortcuts that I use a lot

CTRL+L - Clear screen
CTRL+K - Delete all text to the right of the cursor
CTRL+A - Snap cursor to beginning of line
CTRL+E - Snap cursor to end of line
!! - Execute previous command
sudo !! - Execute previous command with sudo
!nano - Re-run the last nano command you executed with the same arguments as before
echo $? - Print the exit code of the previous command

Custom utilities


My friend and cohort Shawn Evans wrote an incredibly useful Bash function to parse out IP addresses from a blob of text using regular expressions. I keep this in my .bashrc file.

function ipgrab()  
read line; echo $line | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';  
while read line; do echo $line | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'; done  
echo $line | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';  

The usage is as follows:

~ >> echo "ASDLFHJASDJFHADS1.1.1.1SDFJLASDFJ" | ipgrab  
~ >>


~ >> ifconfig | ipgrab  
~ >>

Python Simple Webserver

An oldie but a goodie. This little one-liner allows you to spawn a minimalistic web server in any directory to serve files using good ole fashioned pure Python.

The syntax is as follows:

~ >> python -m SimpleHTTPServer 8080
Serving HTTP on port 8080 ...  


I wrote a small Python script to Google a string and report simply whether or not that string returns more than zero results. I typically use this script to see if the MD5 checksum of a malware sample has been seen anywhere else or if I'm the first researcher to discover a certain malware sample. I keep this script in my $PATH variable so I don't have to call it using the entire fully-qualified file path.

The usage is as follows:

~ >> head /dev/random | md5
~ >> google a4262810ec4882b341dd78fd813a75cc
[-] a4262810ec4882b341dd78fd813a75cc - Zero results. String not indexed by Google.
~ >>
~ >>
~ >> google "Dank Memes"
[+] Dank Memes - Results found. String is indexed by Google.

My good buddy Pronto runs a service called The cool thing about this service is that it allows you to curl the web server to find your external IP address in plaintext, as follows:

~ >> curl  

That's all folks

Hopefully you learned a thing or two here. As always, please don't hesitate to reach out to me via email or Twitter if you have feedback or suggestions.

Be well,