This repo is for educational purposes only: it's me 're'reading Linux Basics for Hackers by OccupyTheWeb and making some notes and/or adding details and explanations for me, my friends or anyone reading this.
It's a great book that I'd recommend to anyone wanting to learn the basics of Linux (or of the hacking journey).
If I use any screenshot from the book, I'll make sure to explicitly say what page it's from and credit the author.
First and foremost, we need to set up a VM (virtual machine) and install Kali Linux on it.
The "how to set up a VM" part is not the goal of this repo, so I'll just link a good tutorial for it, but "what is a VM" is kinda more interesting.
Here is a really good and detailed tutorial from NetworkChuck:
https://youtu.be/wX75Z-4MEoM?si=HX4IPh_E2KB5JrAP&t=425
- Host Operating System: The original OS installed on your machine.
- Guest Operating System: The OS running within the VM.
- Hypervisor: The software that creates, runs, and manages VMs. Examples include VMware, VirtualBox, and Hyper-V.
Virtual Machines operate by using a software layer called a "hypervisor" to emulate hardware resources. The hypervisor allocates these emulated hardware resources to each VM, making it possible to run multiple OS instances simultaneously.
- Isolation: VMs are isolated from each other, which enhances security.
- Resource Utilization: Make efficient use of hardware by running multiple tasks on the same machine.
- Development: Test and deploy code in various environments easily.
- Learning: Experiment with different OSes and software without affecting your main system.
- Misconfiguration: Incorrect settings can compromise security.
- Vulnerabilities in the Hypervisor: Security flaws can potentially be exploited.
- Resource drain: VMs require a share of the system's resources, affecting performance.
- VMware: This is the one I personally use (the free version) on my desktop, and VMware Fusion on my Mac. I find it to be snappier than VirtualBox.
- VirtualBox: One of the best, if not the best, open source VM software.
- Parallels: The best VM software to run a Windows VM on macOS.
- QEMU: The best VM software for Linux users. It's open source and free of charge.
- Etc, etc...: There is a lot more VM software on the market. Just google the one that suits you best.
Typing:
cd /
will cd (change directory) you to /, which is the root of the filesystem.
Typing
pwd
(print working directory) will write the full pathname of the current working directory to the standard output, like this:
In this screenshot you can see that pwd outputs /, that's because it's where we are after cd'ing to /
As you can also see, we're logged in as root.
That's because root is the superuser that has access to everything in the OS.
If you type:
whoami
You'll see this:
I'm going to explain how to log in as root after explaining the other commands shown in the previous screenshot.
But for the note: root is the gigachad of the Linux system.
The:
ls
command lists the contents of a directory. Adding -a shows all the files/directories in your current directory (hidden ones included), -h makes sizes human readable, -l gives the long format, or you can combine them like in the example.
There are other options you can add to a command, and the best way to find these options is the command:
man
For example, man ls will show you this:
The:
locate
command is used to locate things easily and fast.
Here is what it looks like:
The problem with locate is that it gives us too much information, so Linux has another command in order to find exactly what we need.
And that command is:
The:
whereis
command is used to locate the binary executable files of a program. Additionally, it can also locate the source code and manual page files for the program if they are present.
Example:
There is also another command used to locate a specific file associated with an executable command. It's the command:
which
whereis and which both locate command related files. But which is more focused on finding the executable in the PATH, whereas whereis provides a comprehensive search, locating binaries, source files, and man pages.
The find command in UNIX and Linux is a powerful utility for searching and locating files and directories within the filesystem based on various criteria such as names, sizes, types, permissions, modification dates and more. Its versatility and ability to execute commands on the files it finds make it an indispensable tool for system administration, scripting, and daily file management tasks.
find [path...] [options...] [expression]
- By Name: -name 'filename' searches for files that match the given filename. Use wildcards ('*', '?') for patterns.
- By Type: -type f for files, -type d for directories, etc.
- By Modification Time: -mtime +n for files modified more than n days ago, -mtime -n for files modified less than n days ago.
- By Size: -size +nM for files larger than n megabytes, -size -nM for smaller ones.
- By Permissions: -perm 644 for files with specific permissions.
- By Owner: -user username for files owned by a specific user.
- By Group: -group groupname for files belonging to a specific group.
find can also perform actions on located files:
- -print: displays the path of the found items (default action).
- -exec: executes a command on each found item.
- -delete: deletes the found items.
- -ls: lists the found items in "ls -l" format.
- Pipelines and redirection: find can be combined with other commands using pipes ('|') and redirection ('>', '>>') for complex workflows.
- Custom scripts: use -exec to run custom scripts on each found item for bespoke processing tasks.
- Complex expressions: combine criteria with logical operators ('-and', '-or', '-not') for more precise searches.
- Performance: searches starting from root ('/') or other large directories can be time-consuming.
- Deletion: the -delete action is irreversible. Use it with caution, preferably with -print first to see what would be deleted.
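Here is an added example (my own, not from the book) that exercises the find criteria and actions above on a throwaway directory created with mktemp, so nothing on the real filesystem is touched. All file names and sizes are constructed for the demo, and the "print first, then delete" workflow shows the dry run the Deletion note asks for.

```shell
#!/bin/sh
# Added example, not from the book: builds a small scratch tree under a
# temporary directory and runs the find criteria described above against it.
# Every file name below is constructed for the demo.

make_demo_tree() {
    demo=$(mktemp -d)          # private directory; the caller removes it
    mkdir -p "$demo/logs" "$demo/src"
    printf 'int main(void) { return 0; }\n' > "$demo/src/main.c"
    printf 'notes\n' > "$demo/README.txt"
    : > "$demo/logs/app.log"                                    # empty file
    dd if=/dev/zero of="$demo/logs/big.log" bs=1024 count=2048 2>/dev/null   # 2 MiB
    chmod 644 "$demo/src/main.c" "$demo/logs/app.log" "$demo/logs/big.log"
    chmod 600 "$demo/README.txt"                                # owner-only file
    printf '%s\n' "$demo"
}

# -name with a wildcard: how many .log files exist anywhere under the tree
count_logs() {
    find "$1" -type f -name '*.log' | wc -l | tr -d ' '
}

# -size +1M: files larger than 1 MiB (find rounds sizes up to whole units)
count_big() {
    find "$1" -type f -size +1M | wc -l | tr -d ' '
}

# -perm 600 matches files whose mode is exactly 600
count_perm_exact_600() {
    find "$1" -type f -perm 600 | wc -l | tr -d ' '
}

# -perm -600 matches files that have AT LEAST the owner read+write bits
count_perm_atleast_600() {
    find "$1" -type f -perm -600 | wc -l | tr -d ' '
}

# Complex expression: (empty OR *.txt) AND NOT under src/
count_empty_or_txt() {
    find "$1" -type f \( -empty -o -name '*.txt' \) -not -path '*/src/*' | wc -l | tr -d ' '
}

# Safe deletion: "dry-run" only prints what would go; "delete" really removes.
# Either way it prints how many empty .log files remain matching afterwards.
delete_empty_logs() {
    dir=$1; mode=$2
    if [ "$mode" = "dry-run" ]; then
        find "$dir" -type f -name '*.log' -empty -print | wc -l | tr -d ' '
    else
        find "$dir" -type f -name '*.log' -empty -delete
        find "$dir" -type f -name '*.log' -empty | wc -l | tr -d ' '
    fi
}

# Stand-alone usage
d=$(make_demo_tree)
echo "logs: $(count_logs "$d"), big: $(count_big "$d"), would delete: $(delete_empty_logs "$d" dry-run)"
rm -r "$d"
```

The two -perm forms are worth remembering: `-perm 600` is an exact match, while `-perm -600` means "these bits and possibly more", which is usually what you want when hunting for world-writable or setuid files later on.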
Piping and the grep command are fundamental concepts in Linux and Unix-like operating systems, allowing for powerful command-line data processing and manipulation. Piping, denoted by the pipe character |, is a mechanism to pass the output of one command as the input to another command. This allows you to chain together a sequence of commands, creating a pipeline that can perform complex data processing tasks. Piping is a cornerstone of the Unix and Linux philosophy, which emphasizes small, modular utilities that do one thing well and can be combined in various ways.
grep is a command-line utility for searching plain-text data sets for lines that match a regular expression.
Its name comes from the ed command g/re/p (globally search a regular expression and print).
- Search for a specific string in a file:
grep "search_string" filename
- Search for a pattern in multiple files:
grep "pattern" file1 file2 file3
- Example: you want to find rockyou.txt and check if some password of yours is in there.
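Here is an added example (mine, not from the book) of grep in pipelines, ending with the "is my password in that wordlist?" check. It builds a tiny constructed wordlist with mktemp as a stand-in for rockyou.txt; the words and the passwords tested are made up for the demo.

```shell
#!/bin/sh
# Added example, not from the book: grep basics and pipes on a constructed
# wordlist standing in for rockyou.txt. All values are made up for the demo.

make_wordlist() {
    list=$(mktemp)
    printf '%s\n' 123456 password qwerty letmein Password1 dragon iloveyou > "$list"
    printf '%s\n' "$list"
}

# -c counts matching lines, -i ignores case: "password" and "Password1"
count_pass_lines() {
    grep -ic 'pass' "$1"
}

# -E enables extended regex; ^[0-9] means "line starts with a digit"
starts_with_digit() {
    grep -E '^[0-9]' "$1"
}

# Piping: cat feeds grep, grep feeds wc; only lines containing "o" are counted
pipeline_count() {
    cat "$1" | grep 'o' | wc -l | tr -d ' '
}

# The check from the notes, done carefully:
#   -F  pattern is a fixed string, so "." or "*" in a password are not regex
#   -x  whole-line match only, so "pass" does not match "password"
#   -q  quiet: no output, the exit status says found / not found
#   -f - read the pattern from stdin, so the password is never a command-line
#        argument visible to other users in the process list
password_in_list() {
    if printf '%s\n' "$2" | grep -Fxqf - "$1"; then
        echo found
    else
        echo not-found
    fi
}

# Stand-alone usage
l=$(make_wordlist)
echo "lines mentioning pass: $(count_pass_lines "$l")"
echo "'password' in list: $(password_in_list "$l" password)"
rm -f "$l"
```

A plain `grep "mypassword" rockyou.txt` works, but it is a substring, regex match, and it leaves the password in your shell history and in `ps` output while grep runs; the -Fxq form with the pattern on stdin avoids all three.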
touch creates empty files. It can also update the access and modification times of a file, but if the file doesn't exist, touch creates a new empty file.
touch filename
echo is primarily used to display a line of text, but when combined with redirection operators it can also create a file and write content to it.
echo "some content" > filename
'>' writes the output of echo to filename, creating the file if it doesn't exist. If it exists, this overwrites its content.
'>>' appends the output to the file instead of overwriting it.
printf is similar to echo but offers more control over the output format, making it useful for scripting.
printf "some content\n" > filename
cat concatenates and displays file content (as seen above), but with redirection it can create files and append content.
cat > filename
will make you type content into the terminal. It will overwrite existing data. Press CTRL+D to end the input and create/update the file.
cat >> filename
will append your input to the file.
The tee command reads from standard input and writes to standard output and to files. When used with echo or in a pipeline, it can create files. -a appends content to existing files without overwriting.
echo "content" | tee filename
cp creates a new file as a copy of an existing file.
cp existingfile newfile
dd is a low-level utility for converting and copying files. It can create files by copying data from a source to a destination. Example: copy one of the hello files to a new one:
dd if=hello.txt of=world.txt
Opening a non-existent file with a text editor and saving it creates the file, with vim, nano, emacs, nvim, etc.
mktemp can create a temporary file or directory. Useful in scripts for creating temporary files securely.
mkdir can create directories.
mkdir newDirectory
You can, for example, create a new directory and copy the files you have into that new directory like this:
tree will list the contents of directories in a tree-like format. Then you can create the new directory and use cp to copy whatever you want.
The mv command can be used to move a file or directory to a new location or simply give an existing file a new name. Example:
rmdir will remove 'empty' directories. If the directory is not empty, you'll get a warning message that the directory is not empty. In order to remove a non-empty directory, you'll need to remove the dir and its content recursively with
rm -r
like this:
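An added example (mine, not from the book) that runs the file-creation commands above inside a scratch directory from mktemp and checks what each one leaves behind: the difference between > and >>, tee -a, touch on an existing file, cp versus mv, and why rmdir refuses a non-empty directory. File names are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the book: creating, copying, moving and removing
# files with the commands described above. All names are constructed.

setup_workdir() {
    work=$(mktemp -d)        # private scratch directory, removed by the caller
    printf '%s\n' "$work"
}

# '>' creates or truncates, '>>' appends; prints the resulting line count
write_and_append() {
    echo "first line"  >  "$1/notes.txt"          # creates (or overwrites) the file
    echo "second line" >> "$1/notes.txt"          # appends, "first line" survives
    printf 'third %s\n' "line" >> "$1/notes.txt"  # printf with a format string
    wc -l < "$1/notes.txt" | tr -d ' '
}

# tee writes to the file AND to stdout; -a appends instead of overwriting
tee_demo() {
    echo "alpha" | tee "$1/tee.txt"    > /dev/null
    echo "beta"  | tee -a "$1/tee.txt" > /dev/null
    cat "$1/tee.txt"
}

# touch on an existing file only updates its timestamps, content is untouched
touch_keeps_content() {
    printf 'keep me\n' > "$1/keep.txt"
    touch "$1/keep.txt"
    cat "$1/keep.txt"
}

# cp leaves the original in place, mv does not (here mv is used as a rename)
copy_then_move() {
    mkdir -p "$1/backup"
    cp "$1/notes.txt" "$1/backup/notes.txt"
    mv "$1/backup/notes.txt" "$1/backup/notes.bak"
    if [ -f "$1/notes.txt" ] && [ -f "$1/backup/notes.bak" ] && [ ! -f "$1/backup/notes.txt" ]; then
        echo moved
    else
        echo failed
    fi
}

# rmdir refuses a directory that still has files in it; rm -r removes it all
remove_dirs() {
    if rmdir "$1/backup" 2>/dev/null; then
        echo unexpected
    else
        rm -r "$1/backup"
        if [ -d "$1/backup" ]; then echo still-there; else echo gone; fi
    fi
}

# Stand-alone usage
w=$(setup_workdir)
echo "notes.txt has $(write_and_append "$w") lines"
echo "backup dir: $(copy_then_move "$w"), then $(remove_dirs "$w")"
rm -r "$w"
```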
cat filename
will display the content of a file, as said before.
less filename
allows backward and forward navigation through the contents of a file or output stream.
It's especially useful for large files because it does not need to read the entire file before starting, making it faster and more efficient than cat for large files. Here are (some of) the commands:
Down Arrow, Enter, e, j: Moves forward by one line.
Up Arrow, y, k: Moves backward by one line.
Space bar, Page Down: Advances forward by one page.
Page Up, b: Moves backward by one page.
Right Arrow: Scrolls the view to the right.
Left Arrow: Scrolls the view to the left.
Home, g: Jumps to the beginning of the file.
End, G: Jumps to the end of the file.
/[string]: Searches forward for the specified string.
?[string]: Searches backward for the specified string.
n: Finds the next occurrence in a search.
N: Finds the previous occurrence in a search.
q: Exits the less command.
more filename
is similar to less but with less functionality. It lets you scroll up one screenful at a time, and scroll down either one line or one screenful:
Space : go to the next page in accordance with terminal's size.
b : go back one page.
enter : scroll down one line.
= : display the current line number.
":v" : start up the vi text editor at the current line.
head filename
displays the first few lines of a file (default 10). Useful for quickly peeking at the beginning of files. head -n N filename
shows a specific number (N) of lines at the beginning of the file.
tail filename
displays the last few lines of a file. -n N
for the specific number of lines to display.
-f
to follow the file's growth.
nl filename
is similar to cat but outputs the content with line numbers. -b a
to number all lines.
-b t
to number non-empty lines only.
tac filename
is like cat but it displays the file content in reverse (last line first), as we can see in this example:
awk '{print}' filename
awk is primarily a pattern scanning and processing language; the awk command can be used to view file content with advanced filtering, processing and formatting.
Example:
nl displays line numbers, and since many commands can be combined together we can make something like this:
use awk for a pattern, tac to display the content in reverse, nl to display the line numbers, and head -n 6 for the first 6 lines.
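An added example (mine, not from the book) that builds a constructed 12-line log with mktemp and views it with head, tail, tac, nl and awk, finishing with the awk | tac | nl | head -n 6 pipeline described above. The log lines are made up for the demo.

```shell
#!/bin/sh
# Added example, not from the book: viewing a constructed log file with the
# commands above. Every line of the log is made up for the demo.

make_log() {
    log=$(mktemp)
    i=1
    while [ "$i" -le 12 ]; do
        if [ $((i % 4)) -eq 0 ]; then
            printf 'line %d: ERROR disk full\n' "$i"
        else
            printf 'line %d: INFO ok\n' "$i"
        fi
        i=$((i + 1))
    done > "$log"
    printf '%s\n' "$log"
}

first_three() { head -n 3 "$1"; }                # head -n N: first N lines
last_line()   { tail -n 1 "$1"; }                # tail -n N: last N lines
last_line_via_tac() { tac "$1" | head -n 1; }    # reverse, then the first line is the last

# nl -b a numbers every line, nl -b t skips blank ones; prints how many lines
# got a number for the style passed in ("a" or "t") on a 3-line input with a blank
count_numbered() {
    printf 'a\n\nb\n' | nl -b "$1" | grep -c '^[[:space:]]*[0-9]'
}

# awk with a pattern: only ERROR lines, collecting the line numbers from field 2
# ("4:" + 0 turns the field into the number 4)
error_numbers() {
    awk '/ERROR/ { n = n (n == "" ? "" : " ") ($2 + 0) } END { print n }' "$1"
}

# The pipeline from the notes: pattern filter, reverse, number, first 6 lines
combined() {
    awk '/INFO/ {print}' "$1" | tac | nl | head -n 6
}

# Stand-alone usage
l=$(make_log)
echo "errors on lines: $(error_numbers "$l")"
combined "$l"
rm -f "$l"
```

Note the order matters: nl after tac numbers the reversed output (1 for the last INFO line), whereas nl before tac would keep the original line numbers and only flip their order.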