Cheat Sheet : Linux
Basic
Linux and Bash training is essential for any aspiring hacker. Here is a small beginner's cheat sheet/lesson on Linux basics:
Linux Operating System
Linux File System
/        Root of the file system
/var     Variable data; log files are found here (/var/log)
/bin     Binaries, commands for users
/sbin    System binaries, commands for administration
/root    Home directory for the root user
/home    Directory holding the home folders of non-privileged users
/boot    Stores the Linux kernel image and other boot files
/proc    Virtual file system exposing kernel and per-process information
/dev     Device nodes: hardware (disks, terminals, etc.) accessed as files
/mnt     Place to mount devices onto the file system tree
Identifying Users and Processes:
init              process ID 1
root              UID 0, GID 0
service accounts  UIDs 1-999 (system accounts)
all other users   UIDs 1000 and above
Ring 0 in the x86 protection-ring model is where the Linux kernel runs.
Rings 1 and 2 were intended for device drivers, but Linux does not use them: drivers run in ring 0 as part of the kernel.
Ring 3 is user space, where init and all applications run.
init executes scripts to set up all non-OS services and structures for the user environment. It also checks and mounts the file systems and spawns the GUI if configured to do so, then presents the user with the logon screen. On SysV-style systems the init scripts live under /etc/init.d/ with per-runlevel symlinks in /etc/rc*.d/; most current distributions (Kali included) have replaced SysV init with systemd, where the equivalent units are managed with systemctl.
/ is the root directory, where the Linux file system begins; every other directory sits underneath it. Do not confuse it with the root account or with the root account's home directory (/root).
/etc holds the configuration files for the system. Most are plain text files and can be edited.
/bin and /usr/bin contain most of the binaries on the system. /bin holds the most important programs (shells, ls, grep); /usr/bin holds the other user applications. On many current distributions /bin is a symlink to /usr/bin (the "merged /usr" layout).
/sbin and /usr/sbin hold most system administration programs. They are normally not on a regular user's PATH, which is why a non-root user typing adduser gets "command not found".
/usr holds most user applications, their source code, pictures, docs and other config files. /usr is usually the largest directory on a Linux system.
/lib holds the shared libraries (shared objects) used by dynamically linked programs.
/boot holds boot information, including the Linux kernel itself: the file vmlinuz is the (compressed) kernel image.
/home holds the users' home directories. Every regular user has a directory under /home, and it is usually where they store their files.
/root is the superuser's (root's) home directory.
/var contains variable data that changes while the system is running: logs (/var/log), mail (/var/mail) and spool/print queues (/var/spool).
/tmp is scratch space for temporary files.
/dev contains the device nodes for the system. Devices are treated like files in Linux, and (for the most part) you can read from and write to them just like files.
/mnt is used for mount points. Hard disks, USB sticks and CD-ROMs must be mounted onto some directory in the file system tree before they can be used. Debian sometimes uses /cdrom instead of /mnt, and most current distributions auto-mount removable media under /media.
/proc is a special and interesting directory. It is a virtual file system: nothing in it exists on disk, the kernel generates it on demand. It contains information on the kernel and on every running process, plus special files that expose (and in some cases let root change) the current configuration of the system.
File permissions are specified for three classes: 1. the file's owner (user), 2. members of the file's group (group) and 3. everyone else (other).
* The she-bang is #! and goes on the first line of a shell script to point at the interpreter that should run it. #!/bin/sh selects the POSIX shell (on Debian-based systems that is dash, not bash); if the script uses bash-only features, use #!/bin/bash. The script also needs the execute bit (chmod +x script.sh) before ./script.sh will run it.
•ls lists what is in the directory; ls -la gives the long listing and includes hidden (dot) files.
•When using cd to change directories, remember the two kinds of path: absolute and relative. An absolute path starts at the root directory, so to change to root's desktop from anywhere you type the absolute path: cd /root/Desktop. If you are already in /root you can use the relative path (relative to your current location): cd Desktop. Paths are case sensitive, so cd desktop would fail. The command cd .. takes you one level up in the file system.
•Man pages: to learn more about the ls command, do man ls and it will display the manual page for it. Press q to quit.
•Adding a user: older Kali releases logged you in as root by default because many tools require root to run (since Kali 2020.1 the installer creates an unprivileged user instead). Either way you should use an unprivileged account for everyday work. adduser ray adds the user, puts it in a new group with GID 1000 and creates a home directory at /home/ray. It then asks for a password twice, then for optional extra values such as full name and work number. Since I may still need to do things as root from my regular account, I add it to the sudo group with adduser ray sudo. To switch to the regular user: su ray (or su - ray to also load that user's environment). To confirm that it is unprivileged, type adduser smojoe: it answers "command not found", because adduser lives in /usr/sbin, which is not on a regular user's PATH. Now try sudo adduser smojoe, enter your password, and the user is created. To switch back to root type su and enter the root password (toor on old Kali installs). To change the root password, type passwd, hit enter and type the new password twice.
•Creating a new file: to make a new empty file, type touch raysfile.
•Make a new directory: mkdir raysdirectory
•Copying, moving and removing files: to copy a file use cp with the syntax cp source destination: cp /root/raysfile raysfile2. Moving is identical except that you use mv: mv /root/raysfile2 /root/raysdirectory. To remove a file, type rm raysfile2. (Side note: rm -rf is dangerous because -r removes recursively and -f never asks; rm -rf / as root deletes the entire file system. Check the path, and especially any variable in it, before running it.)
•Adding text to a file: echo by itself just repeats what you type back to the terminal, so echo im captain awesome prints that phrase. To put it in a file instead, use the > redirect: echo im captain awesome > raysfile. To see the contents, type cat raysfile. Now say I want to add more text: if you type echo im captain awesome again > raysfile and cat it, you will notice it overwrote what was there, because > truncates the file first. To append, use >> instead: echo im captain awesome a third time >> raysfile. Cat it and you will see the new text on a new line after the old.
•File permissions: let's see what permissions my file has: ls -l raysfile. From left to right the output shows the file type (- for a regular file, d for a directory), then the nine permission characters (rw-r--r--), then the number of hard links (1), then the user and group that own the file (root root), then the size in bytes, then the last modification time, and finally the name (raysfile). Linux has read (r), write (w) and execute (x), and three sets of them: the first three characters are for the owner, the next three for the group and the final three for everyone else. So -rw-r--r-- means the owner gets read and write, the group read only, and all other users read only. Because I created the file while logged in as root, the owner and group are root. To change permissions use chmod; each set of three can be given as a number from 0 to 7:
7 full permissions 111 binary
6 read and write 110 binary
5 read and execute 101 binary
4 read only 100 binary
3 write and execute 011 binary
2 write only 010 binary
1 execute only 001 binary
0 none 000 binary
•chmod: say I want the owner to have read, write and execute and the group and everyone else nothing; I would do chmod 700 raysfile. The three bits in 111 are r, w, x in that order: read first, then write, then execute. (The leading dash in ls -l output is the file type, not a permission: - is a regular file, d is a directory.)
•You can also do it with letter notation: u = user (owner), g = group, o = others (world) and a = all. For example, if the file is already rwx------ and I type chmod g+w raysfile, it reads rwx-w----: I added (+) write to the group section. chmod a+x raysfile then gives rwx-wx--x: everybody (owner, group and world) now has execute. chmod a-x raysfile gives rw--w----: execute removed (-) from everyone.
•Editing files: you are not always going to have a GUI text editor, especially when you break into a Linux box and get a shell, so you need to be familiar with the terminal editors nano and vi. To make a new file and edit it at the same time, type nano testfile.txt. Once it opens you can start entering text (enter chuck Norris knows victorias secret); when you are done, press Ctrl-X, answer Y when it asks whether to save, and hit enter. Bring the file back up with nano testfile.txt again and search for the word chuck: press Ctrl-W, type chuck in the box and hit enter, and the cursor jumps to the c in chuck. Ctrl-X again, Y to save, enter. Now try vi: type vi testfile.txt. You cannot enter text yet, because vi starts in command mode; press i (the letter i) to enter insert mode and start adding text. When done, hit Escape to return to command mode, where you can do things like delete characters: put the cursor on a letter, press d (lowercase) and then an arrow key, and it deletes in that direction. Take the word test: with the cursor on the e, d then right arrow deletes the e, the cursor lands on the s and the word reads tst. With the cursor on the s, d then left arrow deletes the t to its left, keeping the s. (x deletes the character under the cursor, and uppercase D deletes from the cursor to the end of the line.) Kinda weird stuff, I prefer nano. With the cursor on a line, dd deletes the whole line. To exit vi and write the changes, type :wq (w for write, q for quit); :q! quits without saving. The man pages have more on both.
•Data manipulation: make a file with touch raystest, open it in nano and make it look like below:
1 warrior favorite
2 300 favorite2
3 braveheart favorite3
•grep: to find all lines containing a word, type grep favorite raystest. This outputs all three lines. Now type grep warrior raystest: this outputs only the line containing warrior. Notice that grep prints the whole line, not just the matching word. To pull a single field out of the matching line, pipe grep into cut: grep warrior raystest | cut -d " " -f 2. Here -d gives the delimiter (the space between the words on the line "1 warrior favorite") and -f the field number, so field 2 is the second column (warrior, 300 and braveheart are in the second column). Rerun it with -f 3 instead of -f 2 and it outputs favorite: grep found the line with warrior, and cut returned the third column of that line.
•sed: sed manipulates text based on patterns and expressions. If I had a long file and needed to replace every instance of a word, sed is the tool. In the s (substitute) command / is the delimiter, so to replace favorite with awesome type sed 's/favorite/awesome/' raystest. This prints the file's text to the screen with awesome, awesome2 and awesome3; the file itself is unchanged unless you add -i (sed -i 's/favorite/awesome/' raystest). Without the g flag only the first match on each line is replaced; s/favorite/awesome/g replaces all of them.
•awk: awk does pattern matching on fields. To find the lines whose first column is greater than 1, type awk '$1 > 1' raystest; this outputs the 2nd and 3rd lines. To print only "1 warrior", "2 300" and "3 braveheart", leaving out the favorite words, type awk '{print $1,$2}' raystest, which prints just the first and second columns.
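The grep, cut, sed and awk steps above, run end to end as one script. This is an added example and not part of the original cheat sheet; it constructs the three-line raystest file in a temporary directory so it runs stand-alone, and the function names are my own.

```shell
#!/bin/sh
# Added example, not part of the original cheat sheet: the grep / cut / sed / awk
# steps above run end to end. The three-line raystest file is constructed here in
# a temporary directory so the script is self-contained.

make_raystest() {
  # Build the sample file exactly as shown above (constructed data).
  raystest_dir=$(mktemp -d)
  printf '%s\n' '1 warrior favorite' '2 300 favorite2' '3 braveheart favorite3' \
    > "$raystest_dir/raystest"
  echo "$raystest_dir/raystest"
}

field_of_matching_line() {
  # grep prints the whole matching line; cut -d ' ' -f N keeps only field N of it.
  # $1 = pattern, $2 = file, $3 = field number (defaults to 2)
  grep -- "$1" "$2" | cut -d ' ' -f "${3:-2}"
}

replace_word() {
  # sed writes the edited text to stdout; the file is untouched unless you use -i.
  # The g flag replaces every match on a line rather than only the first.
  # $1 = word to replace, $2 = replacement, $3 = file
  sed "s/$1/$2/g" "$3"
}

rows_with_first_field_above() {
  # awk splits each line on whitespace into $1, $2, ... and compares numerically
  # because both sides look like numbers.  $1 = threshold, $2 = file
  awk -v min="$1" '$1 > min' "$2"
}

first_two_columns() {
  awk '{ print $1, $2 }' "$1"
}

# Stand-alone run: show each result, then clean up.
demo() {
  f=$(make_raystest)
  field_of_matching_line warrior "$f"        # warrior
  field_of_matching_line warrior "$f" 3      # favorite
  replace_word favorite awesome "$f"         # ... awesome, awesome2, awesome3
  rows_with_first_field_above 1 "$f"         # lines 2 and 3
  first_two_columns "$f"                     # 1 warrior / 2 300 / 3 braveheart
  rm -r "$(dirname "$f")"
}
demo
```

Each step is a function so the pieces can be reused in a pipeline; note that replace_word only edits the copy on stdout, which is the safe default when you are carving up log files on a box you do not own.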
•Starting services: on a fresh Kali install, postgresql and metasploit are not started by default. On older (SysV init) Kali you start a service with service postgresql start, service apache2 start, etc., and make it start on boot with update-rc.d postgresql enable and update-rc.d metasploit enable. Current Kali uses systemd, where the same is done with systemctl start postgresql and systemctl enable postgresql; the metasploit database is initialised with msfdb init.
•Setting up networking in Kali: ifconfig lists the same sort of information ipconfig does on Windows, and route shows the routing table, including your default gateway (on current systems the equivalents are ip addr and ip route). To set a static address on the fly, find your Ethernet interface name and type ifconfig eth0 10.0.0.20/24; the /24 is the netmask (255.255.255.0), the size of a traditional class C network. To make the static address persist across reboots, edit /etc/network/interfaces. Open it in leafpad (or nano) and note the auto lo and iface lo inet loopback lines, which configure the loopback interface. Comment out the next section, which is probably the dhcp one, and right below it type:
auto eth0
iface eth0 inet static
address 10.0.0.20
netmask 255.255.255.0
gateway 10.0.0.4
Once that's done, save it and restart networking with service networking restart (systemctl restart networking on systemd systems).
•To view network connections (listening ports, established sessions, owning process), type netstat -antp. netstat is deprecated on current distributions; ss -antp gives the same view.
* If I type history in bash it shows all the commands I recently typed. This is handy for re-running commands but bad if an attacker gets hold of it, because it also contains any passwords typed on the command line. For example, wget --user ray --password lamepassword http://somesite.com gets logged, password included, in ~/.bash_history. So let's keep the password in a variable instead. We define it with the read command: read -e -s -p "pass?" password. Hitting enter puts us at an interactive prompt showing pass?, where we type the password (it is not echoed). -e: if standard input comes from a terminal, readline is used to obtain the line. -s: silent mode; characters typed at a terminal are not echoed. -p: the prompt string is displayed (only if input comes from a terminal). echo $password shows what I just typed. Now the wget command becomes wget --user ray --password "$password" http://somesite.com. Run history again and the plaintext password is not there. Caveat: the shell expands "$password" before wget starts, so the password still appears in wget's argument list, which ps and /proc/<pid>/cmdline expose to every local user while it runs; wget's own --ask-password option (or a ~/.netrc file with mode 600) avoids that.
* export HISTCONTROL=ignorespace (the variable is HISTCONTROL, not HISTORYCONTROL) keeps some commands out of bash history: type a space before the command and it is not recorded. HISTCONTROL=ignoreboth also drops consecutive duplicates.
* export HISTIGNORE="*pass*:wget *:ls*" makes history skip matching commands. Each colon-separated entry is a shell pattern that must match the whole command line, so a plain HISTIGNORE="pass:wget:ls" would only ignore commands that are exactly pass, wget or ls; you need the wildcards to ignore any command containing pass or starting with wget or ls.
* If I type password="1234" and then echo $password, it prints 1234. unset password releases the variable, and echo $password now prints nothing. (Until then the value sits in the shell's memory, and in every child process's environment if the variable was exported.)
* To delete one entry from history, type history -d followed by its number: history -d 15 deletes the 15th entry. Bash writes history to ~/.bash_history when the shell exits (or on history -w), so an entry deleted in the same session never reaches the file.
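Why keeping the password out of history is only half the job, as an added example that is not part of the original cheat sheet: any secret that ends up in a command's argument list is readable by every local user through /proc/<pid>/cmdline (which is what ps shows) for as long as the process runs. Below, a short-lived sh process stands in for wget, "lamepassword" is a constructed secret, and the function names are my own.

```shell
#!/bin/sh
# Added example, not part of the original cheat sheet. A secret passed on the
# command line is visible to all local users via /proc/<pid>/cmdline; one passed
# in the environment is not (environ is readable only by the owner and root).
# "sh -c 'sleep 5; :'" stands in for wget; the password is a constructed value.

cmdline_of() {
  # The kernel's copy of a process's argv, NUL-separated; print it space-separated.
  tr '\0' ' ' < "/proc/$1/cmdline"
}

report_and_stop() {
  # $1 = pid of a background process: read its argv from /proc, then stop it.
  sleep 1
  seen=$(cmdline_of "$1")
  kill "$1" 2>/dev/null || true
  wait "$1" 2>/dev/null || true
  printf '%s\n' "$seen"
}

leak_via_argv() {
  # $1 = secret. Passed the way --password "$password" would pass it: the shell
  # expands the variable, so the child receives the plain value in its argv.
  sh -c 'sleep 5; :' fake-wget --user ray --password "$1" &
  report_and_stop $!
}

pass_via_environment() {
  # $1 = secret. Handed over as an environment variable for that one command
  # instead (wget itself offers --ask-password and ~/.netrc for the same reason).
  WGET_PASSWORD="$1" sh -c 'sleep 5; :' fake-wget --user ray &
  report_and_stop $!
}

# Stand-alone run: the first line contains lamepassword, the second does not.
leak_via_argv lamepassword
pass_via_environment lamepassword
```

Run it as an unprivileged user and you can read both processes' cmdline even though they belong to someone else; only the argv version gives the password away. The same applies to curl -u, mysql -p and sshpass, which is why those tools grew prompt, file or environment based alternatives.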
Keyboard shortcuts: at the end of a line, Home brings the cursor back to the beginning and End back to the end. Ctrl+U deletes from the cursor back to the start of the line (the whole line if you are at its end), instead of backspacing through it. Ctrl+L clears the screen.
lsof lists open files, which on Linux includes sockets. I can see all the TCP connections and addresses of a running Firefox instance with lsof -i -n -P | grep firefox. -i selects files whose Internet address matches the one given; with no address it lists all Internet (and, on HP-UX, X.25) network files. -n stops the conversion of network numbers to host names, which makes lsof run faster and is also useful when host name lookup is not working. -P stops the conversion of port numbers to port names, which likewise makes lsof a little faster and helps when port name lookup is not working.
Try netstat -tupac for lots of info on your current TCP (-t) and UDP (-u) connections with the owning program (-p), all sockets including listeners (-a), refreshed continuously (-c; stop with Ctrl+C).
df shows current free disk space (df -h for human-readable sizes); free shows current free memory.
pwd prints the working directory.
To list everything in Documents and everything in Pictures I don't need two ls commands: ls Documents Pictures shows both (this works on any distribution; the directory names are from a regular Ubuntu-style desktop rather than BackTrack).
* ls -lt sorts the long listing by modification time, newest first.
* To find out what type of file I have, type file followed by the name. Example: file dateping.sh tells me it is a POSIX shell script.
* less lets me page through a text file's contents in the terminal; q quits.
* Wildcards: to move every file whose name starts with "up", type mv up* destdir (note that [up]* would match names starting with u or p, since square brackets match one character from the set). Anything starting with u: mv u* destdir. Anything starting with u and ending in .bin: mv u*.bin destdir.
* Filenames are case sensitive (for instance when moving and copying).
* Spaces in filenames confuse bash as well: quote them ("my file") or escape them (my\ file).
* Two exclamation marks, !!, re-run the last command (sudo !! is the common use).
* type tells me what kind of command I am running. For instance, to see what kind of command type is, I type type type, and it shows that it is a shell builtin.
* which tells me where a command's executable is found: which ls shows /bin/ls. It only knows about executables on the PATH, so which cd prints nothing: cd is a shell builtin, not a program (and which does not see aliases either).
* help cd describes the cd builtin.
* mkdir --help prints mkdir's help.
* man ls gives the manual page for ls; press q to get out of it.
* apropos searches the names and descriptions of all man pages for a word, e.g. apropos passwd.
* whatis gives a one-line description of a command: whatis ls.
* info gives the more verbose info-page documentation for a command.
* I can chain commands on one line with semicolons between them. To change to a directory, look at its contents, and come back to where I was: cd /usr; ls; cd - (cd - returns to the previous directory).
* To make that last command an alias called foo: alias foo='cd /usr; ls; cd -'. Now typing foo runs it. This does not persist when I close the terminal; to make it permanent, open ~/.bashrc (gedit ~/.bashrc), put the alias under the section that has the other aliases and save. Close the terminal, reopen it, and the alias works. type foo shows the commands strung together behind it. You can copy that .bashrc to other machines to carry your aliases across.
* unalias foo removes the alias.
* Every program run in the terminal produces some output, whether a result or an error message. Results go to a stream called standard output (stdout) and error messages to a separate stream called standard error (stderr); by default both are shown on the terminal, not saved to disk. The keyboard is tied to standard input (stdin). We can redirect where output goes and where input comes from. ls -l /usr/bin prints to the screen, but ls -l /usr/bin > ls-output.txt writes the listing into the file. Now if I type ls -l /bin/usr > ls-output.txt, ls prints an error because /bin/usr does not exist, and the error goes to stderr, so it still appears on the terminal; the > redirect already truncated ls-output.txt before ls ran, so the file is left empty. To append to an existing file instead of overwriting it, use >>: running ls -l /usr/bin >> ls-output.txt twice doubles the file's size, while ls -l /usr/bn >> ls-output.txt (a typo) only prints an error and adds nothing. To capture errors as well, redirect stderr with 2> (or 2>&1 to send it wherever stdout goes).
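The redirections described above, exercised on a real file and a missing one so the difference between stdout and stderr is visible in the resulting files. This is an added example, not part of the original cheat sheet; the temporary directory, the file names and the function names are constructed for the demo.

```shell
#!/bin/sh
# Added example, not part of the original cheat sheet: stdout and stderr sent to
# separate places with >, >>, 2> and 2>&1, using a temporary directory with one
# real file and one deliberately missing name (both constructed here).

run_redirections() {
  dir=$(mktemp -d)
  : > "$dir/real"            # an existing file for ls to succeed on
  # 1. > captures only stdout; the error for the missing name still reaches the
  #    terminal (sent to /dev/null here so the demo stays quiet).
  ls -d "$dir/real" "$dir/missing" > "$dir/out.txt" 2>/dev/null || true
  # 2. 2> captures only stderr.
  ls -d "$dir/real" "$dir/missing" 2> "$dir/err.txt" >/dev/null || true
  # 3. Both streams in one file. Order matters: written as 2>&1 > file instead,
  #    stderr would be copied from the terminal before stdout was redirected.
  ls -d "$dir/real" "$dir/missing" > "$dir/both.txt" 2>&1 || true
  # 4. > truncates before the command runs: a failing ls leaves an empty file.
  echo "old content" > "$dir/empty.txt"
  ls -d "$dir/missing" > "$dir/empty.txt" 2>/dev/null || true
  # 5. >> appends: two appends of the same listing double the line count.
  ls -d "$dir/real" > "$dir/app.txt"
  ls -d "$dir/real" >> "$dir/app.txt"
  echo "$dir"
}

line_count() {
  wc -l < "$1" | tr -d ' '
}

# Stand-alone run: one line each in out.txt and err.txt, two in both.txt and
# app.txt, none in empty.txt.
d=$(run_redirections)
for f in out err both empty app; do
  printf '%s: %s line(s)\n' "$f.txt" "$(line_count "$d/$f.txt")"
done
```

Case 4 is the one that bites people in practice: a tool run with > logfile that fails early leaves an empty log, and the error that explains why went to the terminal you had already closed. Use > logfile 2>&1 when you care about the failure message.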
* cat displays a file: cat ls-output.txt prints all of its contents to the console. It can also concatenate files in sequence: with movie.avi.001, movie.avi.002 and movie.avi.003, cat movie.avi.0* > movie.avi joins them into one file (the shell expands the wildcard in sorted order). cat can also create a text file from what I type: cat > newtext.txt waits for input; I type this is a test, hit enter, type another line, and press Ctrl+D on an empty line to end input and return to the prompt. Opening the file shows the lines as typed.
* echo with a wildcard shows the matching filenames in the current directory: echo p* shows every file starting with p (echo *p would show those ending in p). This is case sensitive. echo [[:upper:]]* shows everything in the directory whose name starts with an uppercase letter.
* To find hidden files in the current directory: ls -d .[!.]* (the pattern excludes the . and .. entries); ls -la also shows them.
MAC Times
Modify   (mtime)  the contents of the file were last written
Access   (atime)  the file was last read (many systems mount with relatime or noatime, so atime is not always reliable)
Change   (ctime)  the inode metadata (permissions, owner, size, link count) last changed
touch -mac filename updates the modify and access times together (-c: do not create the file if it is missing); touch -t or -d sets them to a chosen time. ctime cannot be set by touch: the kernel updates it on any inode change, including the touch itself, which is why timestomping is usually detectable by comparing ctime with the other two.
Permissions
        User   Group   Others
R       400    40      4
W       200    20      2
X       100    10      1
SUID    4000
SGID    2000
Sticky  1000
Examples:
User can RWX, Group can RW and Others can R      764
User can RW, Group can R and Others can R        644
SGID bit set, all users can RWX                  2777
SUID bit set, all users can RWX                  4777
SUID and SGID bits set, all users can RWX        6777
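The permission table above, turned into code: a converter between the nine-character mode string ls -l prints and the octal number chmod takes, covering the SUID/SGID/sticky bits in the thousands place, plus the find command used to hunt for set-uid files. This is an added example, not part of the original cheat sheet; the function names and the temporary file are my own.

```shell
#!/bin/sh
# Added example, not part of the original cheat sheet: convert the nine-character
# mode string that ls -l prints into the octal number chmod takes, and back,
# including the SUID/SGID/sticky bits in the thousands place, then use the octal
# form to hunt for set-uid files.

mode_to_octal() {
  # $1 = the nine permission characters, e.g. rwsr-xr-x  ->  4755
  m=$1; special=0; digits=""; pos=0
  [ ${#m} -eq 9 ] || { echo "bad mode string: $m" >&2; return 1; }
  while [ $pos -lt 9 ]; do
    triad=$(printf '%s' "$m" | cut -c $((pos + 1))-$((pos + 3)))
    v=0
    case $triad in r??) v=$((v + 4)) ;; esac
    case $triad in ?w?) v=$((v + 2)) ;; esac
    case $triad in ??[xst]) v=$((v + 1)) ;; esac   # lowercase s/t imply x
    # s/S in the user or group slot is SUID/SGID; t/T in the others slot is sticky.
    case "$pos$triad" in
      0??[sS]) special=$((special + 4)) ;;
      3??[sS]) special=$((special + 2)) ;;
      6??[tT]) special=$((special + 1)) ;;
    esac
    digits="$digits$v"
    pos=$((pos + 3))
  done
  if [ $special -eq 0 ]; then echo "$digits"; else echo "$special$digits"; fi
}

octal_to_mode() {
  # $1 = octal mode, 3 or 4 digits, e.g. 4755  ->  rwsr-xr-x
  o=$1
  case $o in
    ????) special=${o%???}; digits=${o#?} ;;
    ???)  special=0; digits=$o ;;
    *) echo "bad octal mode: $o" >&2; return 1 ;;
  esac
  out=""; who=0
  while [ $who -lt 3 ]; do
    d=$(printf '%s' "$digits" | cut -c $((who + 1)))
    case $d in [4567]) out="${out}r" ;; *) out="${out}-" ;; esac
    case $d in [2367]) out="${out}w" ;; *) out="${out}-" ;; esac
    x=0; case $d in [1357]) x=1 ;; esac
    sp=0
    case "$who$special" in 0[4567]|1[2367]|2[1357]) sp=1 ;; esac
    if [ $sp -eq 1 ]; then
      if [ $who -eq 2 ]; then ch=t; else ch=s; fi
      # Uppercase means the special bit is set but the execute bit is not.
      [ $x -eq 1 ] || ch=$(printf '%s' "$ch" | tr a-z A-Z)
    elif [ $x -eq 1 ]; then ch=x
    else ch=-
    fi
    out="$out$ch"
    who=$((who + 1))
  done
  echo "$out"
}

find_suid() {
  # List regular files under $1 with the SUID bit set: the classic first step of a
  # local privilege-escalation audit (on a target: find / -perm -4000 -type f).
  find "$1" -type f -perm -4000 2>/dev/null
}

mode_of() {
  # The nine permission characters of a path, taken from ls -ld output.
  ls -ld "$1" | cut -c 2-10
}

# Stand-alone run on the examples from the table above.
for o in 764 644 2777 4777 6777 1777; do
  printf '%s -> %s -> %s\n' "$o" "$(octal_to_mode "$o")" \
    "$(mode_to_octal "$(octal_to_mode "$o")")"
done
```

An uppercase S or T in ls output (for example rwSr--r--, octal 4644) is worth a second look on an audit: the special bit is set on something that is not even executable, which is almost always a mistake or a leftover.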
Linux Commands
Command     Notable options   Description
Using Linux (Basic Commands)
man         /                 Manual pages (/ searches within a page)
ls          -l                Look into a directory (-l for the long listing)
cd                            Change directory
pwd                           Print working directory
touch       -m -a -c -r       Create a file or update its timestamps (-r copies them from a reference file)
mv                            Move a file
rm                            Remove a file
mkdir                         Make a directory
grep                          String search utility
more                          Paginate the output to the console
nano                          Simple text editor
vi                            Powerful text editor
gcc         -o                Compile from source code (-o names the output file)
Administration and Troubleshooting
dd                            Create an image file of a volume or device
file                          Query a file for its type
netstat                       List state of TCP/UDP ports
dig         axfr              DNS lookups; dig axfr domain @server requests a zone transfer
host                          Look up DNS records
lsof                          List open files
ps          aux               View process list
rpcinfo                       Enumerate portmapper
smbclient   -L                List or use SMB shares
md5sum                        Calculate MD5 hash (fine for spotting accidental change; use sha256sum where collision resistance matters)
Linux Operating System
Linux File System
/Root of the file system
/varVariable data, log files are found here
/binBinaries, commands for users
/sbinSystem Binaries, commands for administration
/rootHome directory for the root user
/homeDirectory for all home folders for non-privileged users
/bootStores the Linux Kernel image and other boot files
/procDirect access to the Linux kernel
/devdirect access to hardware storage devices
/mntplace to mount devices on onto user mode file system
Identifying Users and Processes:
INIT process ID 1
Root UID, GID0
Accounts for services 1-999
All other users Above 1000
ring 0 in the security rings model, is where the kernel lies in linux
ring 1 and ring 3 is where device drivers lie
ring 3 is the users space and this is where init is and applications, etc.
init executes scripts to setup all non-os services and structures for the user environment. it also checks and mounts the file system and spawns the gui if its configured to do so. it will then present the user with the logon screen. init scripts are usually located in the etc/rc..../
</> is the root directory, this is where the linnux file system begins. every other directory is underneath it. do not confuse it with teh root account or the root accounts home directory
</etc> these are the config files for the linux system. Most are text files and can be edited
</bin> and </usr/bin> these directories contain most of the binaries for the system. The /bin directory contains the most important programs : shells, ls, grep. /usr/bin contains other applications for the user.
</sbin> and </usr/sbin> most system administration programs are here
</usr> most user applications, their source code, pictures,docs,and other config files. /usr is the largest directory on a linux system
</lib> the shared libraries (shared objects) for programs that are dynamicaly linked are stored here
</boot> boot info is stored here. the linux kernel is also kept here, the file vmlinuz is the kernel
</home> where all the users home directories are. every user has a directory under /home and its usually where they store all their files
</root> the superusers (root) home directory
</var> contains frequently changed variable data when the system is running. also contains logs (/var/log), mail ( /var/mail), and print info (/var/spool)
</tmp> scratch space for temporary files
</dev> contains all device info for the linux system. Devices are treated like files in linux, and you can read/write to them just like files (for the most part)
</mnt> used for mount points. HDs , usbs, cd roms must be mounted to some directory in the file system tree before being used. Debian sometimes uses /cdrom instead of /mnt
</proc> this is a special and interstinng directory. its actually a virtual directory because it doesnt actually exist. it contains info on the kernel and all processes info. contains special files that permit access to the current configuration of the system
file permissions are specified in terms of the permissions of 1. the file owner (self) 2. the files group members (group/business) 3. and everyone else (other)
* she-bang is #! and you would use this when writing a shell script at the beginning of the script. You will need to point it to teh interpreter which in linux bash is #!/bin/sh
•Ls to list whats in the directory, ls -la for hidden files
•When using cd to change directories remember the 2 ways is absolute path and relative path. Absolute path is in relation to the root directory, so if I wanted to change to the desktop from anywhere I type the absolute path to the desktop which is cd /root/desktop. If I was in the root directory I could use the relative path to the desktop (that is relative to your current location) with cd Desktop (it is case sensitive). The command cd .. takes you one level back in the filesystem
•Man pages: to learn more about the ls command you can do man ls and that will list the man page about it. Q quit
•Adding a user: by default the kali login is a privileged account because many tools require root to run. You should add an underprivileged account for everyday use. Adduser ray this will add a user and put it in group 1000 and create a home directory at /home/ray. It will then ask for a password twice, put one in. then it will ask for extra values optional like full name, work number , etc. Now I may need to do something as root as my regular user so I need superuser privileges added to my new user. We do that with adduser ray sudo . now if I want to switch to my regular user I do su ray . lets say I want to test if its underprivileged, try typing in adduser smojoe and see that it says command not found, that’s because we are underprivileged. Now try sudo adduser smojoe and put your password it and see that you can now add the user. If you want to switch back to root type su, then the root password which by default is toor. To change your root password type passwd and hit enter, then type in the new password twice.
•Creating a new file: to make a new empty file type touch raysfile .
•Make a new directory: mkdir raysdirectory
•Copying, moving and removing files: to copy a file use the cp command with the syntax of cp source destination: cp /root/raysfile raysfile2. To move a file its identical to copy except you use mv: mv /root/raysfile2 /root/raysdirectory. To remove a file type rm raysfile2. (side note , rm -rf deletes the entire filesystem because the r removes recursively)
•Adding text to a file: echo by itself will just repeat what you type in the terminal window. So echo im captain awesome will repeat this phrase back to you in the terminal. To put it in a file you use the > redirect command: echo im captain awesome > raysfile. To see the contents of it you type: cat raysfile. Now lets say I want to add more text to it, if you type echo im captain awesome again > raysfile and then cat it, you will notice that it overwrote what was there previously. We need to append with >> instead of the single >. So the command would be: echo im captain awesome a third time >> raysfile. Cat that and you will see it appended it to a new line
•File permissions: lets see what permissions my file has: ls -l raysfile. From left to right its first the file type (if it’s a directory or a file) then it’s the permissions (-rw-r-r--) then the number of links to the file (1), then the user and group that own the file (root), then the file size (however many bytes), then the last time the file was edited (the date and time) and finally the name of the file (raysfile). For permissions linux has read (r), write (w), and execute (x). there is also 3 sets of user permissions for owner, group, and all users. So the first 3 parts are for owner, the next 3 are for group and the final 3 are for all users. So the -rw-r-r—means that the owner gets read/write, the group gets read only, and all other users get read only. Because I made the file while logged in as root you will see root root after the permissions. To change permissions for a file use the chmod command, when specifying the permissions use number 0-7. So they would be like:
7 full permissions 111 binary
6 read and write 110 binary
5 read and execute 101 binary
4 read only 100 binary
3 write and execute 011 binary
2 write only 010 binary
1 execute only 001 binary
0 none 000 binary
•Chmod: so lets say I want to give the owner execute, read and write and the group and everyone else gets no permissions I would do chmod 700 raysfile. This is because the order for that in the binary of 111 is rwx as in read first then write then execute. The first initial dash – is stating that it’s a file, if it had a D there it would indicate that it is a directory.
•you can also do it by letter notation where: u = user owner, g = group owner, o = others or world, and a = all. so for example, if the file is already rwx------ and then i type chmod g+w, then it would read rwx-w----, meaning i added (+) the write capability to the group section. if i did chmod a+x that would now read rwx-wx--x meaning everybody (owner, group and world) have execute privileges now. if i did chmod a-x, now it would read rw--w---- meaning i have removed the execute privilege from everyone.
•Editing files: your not always going to have a gui text editor, especially when you break into a linux and get shell, so you need to be familiar with the shell version editors like nano and vi. So if I want to make a new file and edit it simultaneously I would type: nano testfile.txt. once this opens up you can start entering text (enter in chuck Norris knows victorias secret)and when your done you do ctrl-x and it will ask you if you want to save it, type Y and hit enter. Lets bring that testfile back up by typing nano testfile.txt again, now lets do a search for the word chuck. Do a ctrl-w and in the box type chuck and hit enter, it should bring the flashing cursor to the c in chuck. Ctrl-x again and hit y to save and enter. Now lets try vi editor, type vi testfile.txt. in its current state you cant enter text yet because you have to hit I (as in the letter i) to insert and start adding text. Add some text to the file, when your done hit escape to come back to command mode, here you can do stuff like delete words by positioning the cursor over a letter and hitting D and depending on which arrow key you do it will delete the letter. For example the word test, if the cursor is over the “e” and I hit d and then right arrow it deletes the “e”. now the cursor is over the “s” and the word says “tst”. If I hit D while the cursor is over the “s” and hit my left arrow it deletes the “t”, keeping the “s” intact. Kinda weird stuff, I prefer nano. If you position the cursor on a line and hit dd it will delete the whole line. To exit vi and to write the changes to the file you type :wq , w for write and q for quit. To learn more about these look to the man pages.
•Data manipulation: let's make a file with touch raystest (then edit it with nano) and give it the three lines below, with a single space between the columns:
1 warrior favorite
2 300 favorite2
3 braveheart favorite3
•Grep: to find all lines containing a word, type: grep favorite raystest. This outputs all 3 lines. Now type: grep warrior raystest, which outputs just the line with warrior on it. Notice that grep dumps the whole line, not just the word. To output only one word from the matching line, pipe grep into cut: grep warrior raystest | cut -d ' ' -f 2. Here -d sets the delimiter, in this case the single space between the columns of the line (1 warrior favorite), and -f picks the field, i.e. the second column. So the command says: take the line containing warrior and print its second field (warrior, 300 and braveheart are all in the second column). If you rerun it with -f 3 instead of -f 2 it prints "favorite", because it found the line with warrior and gave you the value in the 3rd column. Note that cut splits on exactly one delimiter character, so lines with multiple spaces between columns produce empty fields; awk (below) handles runs of whitespace.
•Sed: you can also use sed to manipulate the data based on patterns and expressions. Say I had a long file and needed to replace every instance of a certain word; sed is the tool. In the s command / is the delimiter, so to replace favorite with awesome, type: sed 's/favorite/awesome/' raystest. This prints the text of our file with awesome, awesome2 and awesome3. Two caveats: s/old/new/ replaces only the first match on each line (our file has one per line, so that is enough; add the g flag, s/favorite/awesome/g, to replace every occurrence on a line), and without -i sed only prints the result to the screen and leaves raystest untouched. sed -i 's/favorite/awesome/g' raystest edits the file in place.
•Awk: you can use awk for pattern matching on columns. Say I wanted the entries in my file whose first column is higher than 1: awk '$1 > 1' raystest outputs the 2nd and 3rd lines. If I only wanted it to say "1 warrior", "2 300" and "3 braveheart", omitting the favorite words, I would type: awk '{print $1,$2}' raystest, telling it to print only the first and second columns. Both can be combined: awk '$1 > 1 {print $1,$2}' raystest.
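The grep/cut, sed and awk steps above, wrapped in shell functions so their results can be checked. This is an added example and not part of the original notes: the raystest file is constructed in a temp file to match the three lines shown, and the function names are my own.

```bash
#!/usr/bin/env bash
# Added example (not from the original cheat sheet): the grep/cut, sed and awk
# one-liners from the text, as functions over a constructed copy of raystest.

make_raystest() {            # writes the 3-line sample file, prints its path
  local f
  f=$(mktemp)
  printf '%s\n' '1 warrior favorite' '2 300 favorite2' '3 braveheart favorite3' > "$f"
  echo "$f"
}

# Field N of the line containing WORD: grep finds the whole line, cut splits it
# on a single space and keeps one column.  usage: field_of_line_with FILE WORD N
field_of_line_with() {
  grep -w -- "$2" "$1" | cut -d ' ' -f "$3"
}

# sed substitution with the g flag so every occurrence on a line is replaced.
# Without -i the file is not modified; the result goes to stdout.
# Assumes OLD/NEW are plain words with no / or regex metacharacters.
replace_word() {             # usage: replace_word FILE OLD NEW
  sed "s/$2/$3/g" "$1"
}

# Same substitution without g: only the first match per line changes.
replace_first_only() {       # usage: echo 'a a' | replace_first_only a b
  sed "s/$1/$2/"
}

# awk: rows whose first column is numerically greater than N, printing only
# the first two columns.  usage: rows_above FILE N
rows_above() {
  awk -v n="$2" '$1 > n { print $1, $2 }' "$1"
}

# Demo when run directly
f=$(make_raystest)
echo "second field of the warrior line: $(field_of_line_with "$f" warrior 2)"
echo "--- favorite -> awesome ---";   replace_word "$f" favorite awesome
echo "--- rows with column 1 > 1 ---"; rows_above "$f" 1
rm -f "$f"
```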
•Starting services: on a fresh install of Kali Linux, postgresql and metasploit are not started by default. To start a service type: service postgresql start, service apache2 start, etc. To make them start on boot, use update-rc.d: update-rc.d postgresql enable, then update-rc.d metasploit enable; now when you restart Kali these services auto start. Current Kali releases use systemd, where the equivalents are systemctl start postgresql and systemctl enable postgresql (systemctl status postgresql to check), and the Metasploit database is initialised with msfdb init rather than a metasploit service.
•Setting up networking in Kali: ifconfig lists the same kind of information ipconfig does on Windows, and route shows the routing table, including your default gateway (the net-tools equivalents on newer systems are ip addr and ip route). To set a static address on the fly, find your interface name (eth0 here, though newer systems may call it something like ens33) and type: ifconfig eth0 10.0.0.20/24. The /24 is the CIDR prefix length, i.e. a 255.255.255.0 netmask (the old "class C" size). With the ip tool this is ip addr add 10.0.0.20/24 dev eth0. To make the static address persist across restarts, edit /etc/network/interfaces. I opened it in leafpad; note the auto lo and iface lo inet loopback lines, which are for the loopback address. Comment out the next section, which is probably the dhcp one, and right below it add:
auto eth0
iface eth0 inet static
address 10.0.0.20
netmask 255.255.255.0
gateway 10.0.0.4
Once that's done, save it and restart networking with: service networking restart (or systemctl restart networking on systemd systems).
•To view network connections such as listening ports, type: netstat -antp (-a all sockets, -n numeric addresses and ports, -t TCP only, -p the owning process; you need root to see other users' processes). On systems without net-tools, ss -antp gives the same information.
* If I type history in bash it shows all the commands I recently typed. This is good for quickly re-running commands but bad if an attacker gets hold of it, because it also contains any passwords I typed on a command line. For example, if I downloaded with wget and did --user ray --password lamepassword http://somesite.com, that line, password included, is logged in bash history. So let's keep the password in a temporary variable instead. We define the variable with the read command: read -e -s -p "pass?" password. Hitting Enter puts us in an interactive prompt showing pass?, where we type the password (you can't see it as you type). -e uses readline to obtain the line when input comes from a terminal; -s is silent mode, so characters are not echoed; -p displays the prompt (only when input comes from a terminal). echo $password shows what I just typed. Now the wget command looks like this: wget --user ray --password "$password" http://somesite.com. Run history again and the plain-text password is not there. Caveat: the shell expands "$password" before wget starts, so for the lifetime of the wget process the password is still visible to other users in ps aux and /proc/<pid>/cmdline. wget --user ray --ask-password http://somesite.com avoids that entirely by prompting for the password itself.
* export HISTCONTROL="ignorespace" (note the variable name: HISTCONTROL, not HISTORYCONTROL) is another way to keep things out of bash history. Now if I type a single space before a command it is not recorded. If a leading space is still being recorded, check that the variable is actually set in the current shell with echo $HISTCONTROL. ignoreboth also drops duplicate consecutive commands.
* You can also do export HISTIGNORE="pass:wget:ls", but be aware of how it matches: HISTIGNORE is a colon-separated list of shell glob patterns, and each pattern must match the whole command line. So "wget" alone only ignores a command that is exactly wget; to ignore any wget invocation, or any line containing pass, use export HISTIGNORE="wget *:*pass*:ls:ls *".
* If I type password="1234" then echo $password, it echoes 1234. If I do unset password, the variable is released and echo $password prints nothing. Do this as soon as the password is no longer needed.
* To delete something out of history I type history -d followed by the entry number, so history -d 15 deletes the 15th entry. This only edits the in-memory list; bash writes that list to ~/.bash_history when the shell exits, so an entry already saved to the file from an earlier session has to be removed from the file itself. history -c clears the whole in-memory list.
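Two helpers for the history hygiene points above, as an added example that is not part of the original notes. The first emulates how bash matches HISTIGNORE (each colon-separated glob must match the whole command line, which is why a bare "wget" does not catch "wget --user ..."); the second scans a history file for commands that carry a credential on the command line. The sample history file is constructed here, and the regex and function names are my own starting point, not a complete secret detector.

```bash
#!/usr/bin/env bash
# Added example (not from the original cheat sheet): bash history hygiene helpers.

# Emulates HISTIGNORE matching: PATTERNS is a colon-separated list of shell
# globs, each matched against the WHOLE line.  Returns 0 if the line would be
# skipped.  usage: histignore_would_skip 'wget *:*pass*:ls' 'ls -la'
histignore_would_skip() {
  local line=$2 pat pats
  IFS=':' read -r -a pats <<< "$1"        # read does not glob-expand the patterns
  for pat in "${pats[@]}"; do
    # right-hand side deliberately unquoted so [[ == ]] treats it as a glob
    [[ $line == $pat ]] && return 0
  done
  return 1
}

# Print (numbered) history lines that pass a secret inline: --password x,
# --password=x, VAR=... containing "password", user:pass pairs after -u, or
# credentials embedded in a URL (scheme://user:pass@host).
find_secrets_in_history() {               # usage: find_secrets_in_history FILE
  grep -niE -- '--pass(word)?[= ][^ ]+|password=[^ ]+|-u [^ ]+:[^ ]+|://[^/@ ]+:[^@ ]+@' "$1"
}

# Constructed sample ~/.bash_history (not a real capture); prints its path.
make_sample_history() {
  local f
  f=$(mktemp)
  cat > "$f" <<'EOF'
ls -la
wget --user ray --password lamepassword http://somesite.com/file
curl -u admin:hunter2 http://10.0.0.5/admin
export DB_PASSWORD=s3cret
mysql -u ray -p
git clone https://ray:tok3n@github.com/ray/repo.git
EOF
  echo "$f"
}

# Demo when run directly: lines 2, 3, 4 and 6 carry a secret; "mysql -u ray -p"
# prompts for its password and is correctly left alone.
hist=$(make_sample_history)
echo "Commands carrying credentials in $hist:"
find_secrets_in_history "$hist"
rm -f "$hist"
```

Pair this with wget --ask-password (or a tool's own prompt, like mysql -p above): HISTCONTROL and HISTIGNORE keep the secret out of ~/.bash_history, but anything passed as a command-line argument is still readable by other users through ps while the process runs.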
Keyboard shortcuts: if I'm at the end of a line, Home brings me back to the beginning and End takes me back to the end (Ctrl+A and Ctrl+E do the same). Ctrl+U deletes from the cursor back to the start of the line, so from the end of a line it clears the whole line instead of backspacing through it; Ctrl+K deletes from the cursor to the end. Ctrl+L clears the screen.
lsof shows a list of open files, and on Linux network sockets are files too. I can see all the details, including the TCP connections and addresses, of a running firefox instance with lsof -i -n -P | grep firefox. The -i option selects files whose Internet address matches the address given; with no address it lists all Internet (and, on HP-UX, x.25) network files. -n inhibits converting network numbers to host names, which makes lsof run faster and is useful when name lookup is not working. -P inhibits converting port numbers to port names, which likewise makes lsof a little faster and helps when port name lookup is broken. Run it as root to see every user's sockets rather than just your own.
Try netstat -tupac for lots of info on your current connections: -t TCP, -u UDP, -p owning program, -a all sockets, -c continuous (reprints every second; drop -c for a single snapshot).
The df command shows current free disk space (df -h for human-readable sizes); the free command shows current free memory.
pwd is print working directory.
If I want to list everything in Documents and everything in Pictures, I don't need two ls commands: ls Documents Pictures shows both (I tried this on regular Ubuntu and similar distros rather than BackTrack, but it works anywhere ls does).
* ls -lt sorts the long listing by modification time, newest first; ls -ltr reverses it so the newest is at the bottom.
* To find out what type of file I have, I type file followed by the file name. Example: file dateping.sh tells me it's a POSIX shell script. file looks at the content, not the extension, so it is useful for spotting a binary masquerading as a text file.
* The less command lets me view a text file's contents in the terminal; q quits out of it.
* Wildcards: to move every file that starts with the letters "up" I would type mv up* destination/ (mv always needs a destination). Note that [up]* is different: square brackets match a single character from the set, so [up]* matches anything starting with u or with p. Anything that starts with "u": mv u* destination/. Anything that starts with "u" and has the extension .bin: mv u*.bin destination/.
* Filenames are case sensitive (for example when moving and copying).
* Spaces in filenames confuse bash as well, because an unquoted space separates arguments; quote the name (mv "my file.txt" dest/) or escape the space (mv my\ file.txt dest/).
* Two exclamation marks, !!, run the last command; sudo !! re-runs it as root.
* The type command tells me what kind of command I'm running. For instance, to see what kind of command "type" is I type type type, and it shows that it's a shell builtin.
* The which command tells me where a command's executable is found. If I type which ls, it shows that ls is /bin/ls. which only searches the PATH for executables, so it shows nothing for builtins and aliases: which cd prints nothing because cd is a shell builtin (not an alias). Use type cd for those.
* help cd tells me about the cd builtin (help works for builtins only).
* mkdir --help gives me help about mkdir.
* man ls gives me the manual page for ls; I hit q to get out of it.
* apropos searches the manual page names and descriptions for a word, e.g. apropos passwd.
* whatis also tells me what a command is in one line: whatis ls.
* info gives me the verbose info documentation for a command.
* I can chain commands together on one line with semicolons between each command. So to change to a directory, look at its contents, then go back to where I was: cd /usr; ls; cd - does it (cd - returns to the previous directory).
* Now say I want to make that last command an alias called foo: alias foo='cd /usr; ls; cd -' and now I can just type foo to run it. This does not persist when I close the terminal. To make it permanent, open ~/.bashrc (gedit ~/.bashrc), put your alias in the section that has the other aliases and save it. Then either close and reopen the terminal or run source ~/.bashrc, and the alias is available. type foo shows all the commands strung together in the alias. You can copy that .bashrc file to other machines to carry your aliases with you.
* unalias foo takes away that alias.
* All programs in the terminal give you some sort of output, whether a result or an error message. Results go to a stream called standard output (stdout for short) and error messages go to a separate stream called standard error (stderr). By default both are connected to the terminal rather than saved to disk, and the keyboard is tied to standard input (stdin). We can change where output goes and where input comes from. ls -l /usr/bin prints to the screen, but ls -l /usr/bin > ls-output.txt sends the listing to a text file. Now if I type ls -l /bin/usr > ls-output.txt, ls prints an error because /bin/usr doesn't exist, and the error still appears on screen because it goes to stderr, which > does not redirect. Meanwhile > has already truncated ls-output.txt before ls ran, so the file ends up empty. To capture errors as well, redirect stderr with 2>: ls -l /bin/usr 2> errors.txt, or send both streams to one file with ls -l /bin/usr > out.txt 2>&1. To append to an existing file instead of overwriting it, use >>: running ls -l /usr/bin >> ls-output.txt twice makes the file twice as long.
* cat displays a file's contents as well: cat ls-output.txt prints everything in that file to the console. I can also use it to concatenate (join) files that belong in sequence. For example, if I had movie.avi.001, movie.avi.002 and movie.avi.003, cat movie.avi.0* > movie.avi joins them (the glob expands in sorted order). I can also use cat to write content to a new text file: cat > newtext.txt and Enter leaves it waiting for input. If I type "this is a test", Enter, then "of the broadcast network" and press Ctrl+D (twice if the cursor is not at the start of a line), it brings me back to the prompt, and the file contains the text as I typed it.
* echo with a letter and an asterisk shows the files in the current directory whose names match the pattern: echo p* shows the files that start with p, echo *p the ones that end with p. This is case sensitive. echo [[:upper:]]* shows everything in the directory that starts with an uppercase letter.
* To find hidden files in the directory you're in: ls -d .[!.]?* lists the dotfiles (excluding . and .. themselves). You could also use ls -la, or ls -A to include dotfiles without . and ..
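The redirection behaviour described above (truncate-before-run, stderr staying separate, >> appending, 2>&1), as an added example that is not from the original notes. It works in a temp directory it creates itself, lists /usr/bin as the sample input, and uses a path that does not exist to trigger the error; the function name is my own.

```bash
#!/usr/bin/env bash
# Added example (not from the original cheat sheet): observe what >, 2>, >> and
# 2>&1 do to files, using a throwaway directory and ls as the producer.

redirect_demo() {
  local dir out err
  dir=$(mktemp -d)
  out=$dir/ls-output.txt
  err=$dir/ls-errors.txt

  # stdout to a file: the listing ends up in ls-output.txt, nothing on screen
  ls -l /usr/bin > "$out"
  local lines_once=$(( $(wc -l < "$out") ))

  # > truncates ls-output.txt BEFORE ls runs, so a failing command leaves it
  # empty; the error text goes to stderr (fd 2), which we capture separately.
  ls -l "$dir/does-not-exist" > "$out" 2> "$err" || true
  local empty_after_error=$(( $(wc -c < "$out") == 0 ))
  local err_lines=$(( $(wc -l < "$err") ))

  # >> appends instead of truncating, so two listings give twice the lines
  ls -l /usr/bin >> "$out"
  ls -l /usr/bin >> "$out"
  local lines_twice=$(( $(wc -l < "$out") ))

  # 2>&1 points stderr at whatever stdout is pointing at *at that moment*,
  # so it must come after the > redirection to land in the same file.
  ls -l "$dir/does-not-exist" > "$dir/both.txt" 2>&1 || true
  local both_lines=$(( $(wc -l < "$dir/both.txt") ))

  rm -rf "$dir"
  printf 'lines_once=%s empty_after_error=%s err_lines=%s lines_twice=%s both_lines=%s\n' \
    "$lines_once" "$empty_after_error" "$err_lines" "$lines_twice" "$both_lines"
}

redirect_demo
```

The printed empty_after_error=1 is the point of the example: the shell opens (and truncates) the output file before the command runs, so a typo in the path wipes out whatever was in the file even though the command itself fails.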
MAC Times
Modify (mtime)   the contents of the file were changed
Access (atime)   when the file was last read
Change (ctime)   the metadata (permissions, owner, size, link count) changed
Use touch -mac filename to update them at the same time: -m and -a set mtime and atime to now (or to another time with -t or -r), and -c means don't create the file if it is missing. ctime cannot be set by touch or by any user tool; the kernel updates it whenever mtime or atime are changed, which is why a ctime newer than mtime is a classic sign of timestamp tampering in forensic timelines.
Permissions (octal values, one digit per class)
        User   Group  Others
R       400    040    004
W       200    020    002
X       100    010    001
SUID    4000
SGID    2000
Examples:
User can RWX, Group can RW and Others can R    764
User can RW, Group can R and Others can R      644
SGID bit set, all users can RWX                2777
SUID bit set, all users can RWX                4777
SUID and SGID bits set, all users can RWX      6777
In ls -l output SUID and SGID show as an s in the execute slot of the user and group columns (rwsr-xr-x is 4755); a capital S means the bit is set without execute underneath. SUID root binaries are the first thing to enumerate for privilege escalation: find / -perm -4000 -type f 2>/dev/null.
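A converter between the symbolic mode string ls -l prints and the octal mode chmod takes, plus a function that applies the letter notation (g+w, a-x) worked through in the chmod section above. This is an added example, not from the original cheat sheet; it goes beyond the table by also handling the sticky bit (t/T, octal 1000), and the function names are my own.

```bash
#!/usr/bin/env bash
# Added example (not from the original cheat sheet): symbolic <-> octal modes.

perm_to_octal() {          # perm_to_octal rwsr-xr-x -> 4755
  local p=$1 off tri d c special=0 digits=""
  if [ ${#p} -ne 9 ]; then
    echo "perm_to_octal: need 9 characters (got '$p')" >&2; return 1
  fi
  for off in 0 3 6; do            # user, group, others triplets
    tri=${p:off:3}; d=0
    if [ "${tri:0:1}" = r ]; then d=$((d + 4)); fi
    if [ "${tri:1:1}" = w ]; then d=$((d + 2)); fi
    c=${tri:2:1}
    case $c in
      x) d=$((d + 1)) ;;
      s|S)                        # SUID in the user slot, SGID in the group slot
        if [ "$c" = s ]; then d=$((d + 1)); fi
        if [ "$off" -eq 0 ]; then special=$((special + 4))
        elif [ "$off" -eq 3 ]; then special=$((special + 2))
        else return 1             # s is not valid in the "others" slot
        fi ;;
      t|T)                        # sticky bit only lives in the "others" slot
        if [ "$c" = t ]; then d=$((d + 1)); fi
        if [ "$off" -eq 6 ]; then special=$((special + 1)); else return 1; fi ;;
      -) ;;
      *) return 1 ;;
    esac
    digits+=$d
  done
  printf '%d%s\n' "$special" "$digits"
}

octal_to_perm() {          # octal_to_perm 4755 -> rwsr-xr-x
  local m=$1 special i d out="" xchar
  if [[ ! $m =~ ^[0-7]{3,4}$ ]]; then
    echo "octal_to_perm: need 3 or 4 octal digits (got '$m')" >&2; return 1
  fi
  if [ ${#m} -eq 3 ]; then m=0$m; fi
  special=${m:0:1}
  for i in 0 1 2; do
    d=${m:i+1:1}
    if (( d & 4 )); then out+=r; else out+=-; fi
    if (( d & 2 )); then out+=w; else out+=-; fi
    # execute slot doubles as the display position of this class's special bit:
    # user=SUID(4), group=SGID(2), others=sticky(1); uppercase = no execute
    if (( special & (4 >> i) )); then
      if [ "$i" -eq 2 ]; then xchar=t; else xchar=s; fi
      if ! (( d & 1 )); then xchar=${xchar^}; fi
    else
      if (( d & 1 )); then xchar=x; else xchar=-; fi
    fi
    out+=$xchar
  done
  echo "$out"
}

# Apply chmod letter notation ([ugoa]+[+-][rwx]+) to a 9-char string.
# Only r/w/x are handled; special bits are neither set nor preserved.
apply_symbolic() {         # apply_symbolic rwx------ g+w -> rwx-w----
  local p=$1 who op perms cls base bit pos i j new
  if [[ ! $2 =~ ^([ugoa]+)([+-])([rwx]+)$ ]]; then return 1; fi
  who=${BASH_REMATCH[1]}; op=${BASH_REMATCH[2]}; perms=${BASH_REMATCH[3]}
  if [[ $who == *a* ]]; then who=ugo; fi
  for (( i = 0; i < ${#who}; i++ )); do
    cls=${who:i:1}
    case $cls in u) base=0 ;; g) base=3 ;; o) base=6 ;; esac
    for (( j = 0; j < ${#perms}; j++ )); do
      bit=${perms:j:1}
      case $bit in r) pos=0 ;; w) pos=1 ;; x) pos=2 ;; esac
      if [ "$op" = + ]; then new=$bit; else new=-; fi
      p=${p:0:base+pos}$new${p:base+pos+1}
    done
  done
  echo "$p"
}

# Usage on a real file (GNU stat): perm_to_octal "$(stat -c %A /bin/su | cut -c2-10)"
echo "rwxrw-r-- = $(perm_to_octal rwxrw-r--), 4755 = $(octal_to_perm 4755)"
echo "rwx------ g+w -> $(apply_symbolic rwx------ g+w)"
```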
Linux Commands
Command     Notable options   Description

Using Linux (Basic Commands)
man                           Manual pages
ls          -l                Long listing of a directory
cd                            Change directory
pwd                           Print working directory
touch       -m -a -c -r       Create a file or update its timestamps
mv                            Move (or rename) a file
rm                            Remove a file
mkdir                         Make a directory
grep                          String search utility
more                          Paginate output to the console
nano                          Simple text editor
vi                            Powerful text editor
gcc         -o                Compile from source code

Administration and Troubleshooting
dd                            Create an image file of a volume or device
file                          Query a file for its type
netstat                       List state of TCP/UDP ports
dig                           DNS query tool (dig @nameserver domain axfr for a zone transfer)
host                          Look up DNS records
lsof                          List open files
ps          aux               View process list
rpcinfo                       Enumerate the portmapper
smbclient   -L                List or use SMB shares
md5sum                        Calculate MD5 hash