Skip to content

Latest commit

 

History

History
125 lines (93 loc) · 4.65 KB

06. Intro to Linux.md

File metadata and controls

125 lines (93 loc) · 4.65 KB

Intro to Linux

Sudo overview

sudo: super user do!

cat /etc/shadow will be denied if you're not a super user

sudo su - to switch user to root (super user)

Navigating the file system

  • root is the user
  • kali is the host
  • pwd print working directory
  • ctrl L clean terminal
  • ls list folders and files
  • ls -la long all (hidden files) https://explainshell.com/explain?cmd=ls+-la or man ls or ls --help
  • cd / to give absolute path
  • cd ~ to go home
  • mkdir create directory
  • rmdir remove directory
  • echo 'hi!' to print hi!
  • echo 'hi!' > test.txt to print hi! to a txt file
  • cat test.txt to print out the file hi!
  • cp test.txt Downloads/ to copy file to a subfolder
  • rm Downloads/test.txt to remove a file
  • mv test.txt Downloads/ to move a file
  • find / -name 'test.txt'
  • passwd to update your password (password)

Users & privileges

drwxr-xr-x

  • d for directory
  • rwx read, write, execute for the owner
  • r-x group can read and execute (cannot write)
  • r-x all other users can read and execute (cannot write)

for pentesting, we look for full access

temp directory: drwxrwxrwt (full access)

  • echo 'hello' > hello.txt (read & write permissions by default)
  • chmod to change mode
  • chmod +rwx hello.txt the file is now green (only for owner: -rwxr-xr-x)
  • chmod 777 hello.txt will give -rwxrwxrwx (7 for rwx), 644 rw for owner, read for the others

creating another user:

  • adduser john (useradd)
  • su john
  • cat /etc/passwd at the bottom we can see the user
  • cat /etc/shadow to see the passwords
  • cat /etc/sudoers to see who has to sudo
  • grep 'sudo' /etc/group to see the users part of the group

best practice: we don't want to have a root password, to enforce people to log with their account and be granted the sudo privilege

windows: same hash for the same password, not the case on linux

Common network commands

  • ip a to get your ip (colorful)
  • ifconfig (old way to do it)
  • iwconfig for wireless connections
  • ip n for neighbors (colorful)
  • arp -a  what ip address is associated with what mac address (old way to do it)
  • ip r routing table (colorful), can be different than ip a, we can discover routes to "open" to the external network
  • route (old way to do it)
  • ping 192.168.138.2 ctrl C to stop on linux (loop), only 4 packets sent out on windows (ipconfig)
  • ping WIKIHOW.COM https://www.wikihow.com/Ping-an-IP-Address
  • ping 127.0.0.1 ping yourself
  • netstat to see open ports

some machines doesn't allow icmp traffic, no response doesn't mean it's not online

Viewing, Creating, & Editing files

Starting and Stopping Services

Installing and Updating Tools

su ~ to go to the root sudo apt update && apt upgrade

  • update will check for packages we could update
  • upgrade will do the actual update
  • upgrading on kali linux can break things! always have a backup copy of your linux

apt install package to install a package

brute force o365 github: the kind of search you can make to find tools available on github repos check the number of stars, forks and latest commit

pimpmykali.sh to fix some issues with the current kali distribution

  • create a opt folder and clone the repo
  • run the script and enter N for a new installation
  • say yes to re-enable the ability to login as root, define a pwd root, no need to copy files from kali user.

Bash Scripting

  • ping 172.17.0.1 -c 1 > ip.txt to ping once
  • cat ip.txt | grep "64 bytes" to find the line starting with 64 bytes
  • cat ip.txt | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" cutting out the ip address, d stands for delimiter, we want the 4th field, translate to remove the semi-colon
  • chmod +x ipsweep.sh
  • for ip in $(cat ips.txt); do nmap $ip & done one line to explore all the IPs