Basic Linux Commands!

Navigating the filesystem


pwd -prints the present working directory

cd -change directory

cd .. -one step back

ls -lists everything in the folder

cd root/ -changes into the folder named root inside the current directory (from / this is /root, the root user's home)

cd /XXX/ -takes you straight to the folder /XXX by its full path, without navigating to it step by step

cd ~/ -takes you to your home folder (/root when logged in as root)

tab -to autocomplete the path

double tab -to check the options available with that name in that directory

mkdir xxx -makes a folder named xxx in the present working directory

rmdir xxx -removes the folder we just made

ls -la -lists everything in the long view, including hidden files and folders

ls -l -show the long view of the files

ls -r -show the list in reverse order

ls -p -marks the file types in the list by adding a / after directory names

ls -S -sorts on the basis of file size

ls /path/ -list the contents of the path directory without leaving the current directory

echo "XX" > test.txt -makes a file named test.txt in the present directory which contains XX

cp test.txt Downloads/ -copies this test.txt file to Downloads

rm Downloads/test.txt -removes this test.txt from Downloads

Up Arrow -recalls previous commands

mv test.txt Downloads/ -moves this test.txt file to Downloads.

locate XXX -locates XXX in the whole filesystem


// In the find command, after -type, f is for files and d is for directories //


find . -type f -name "*.php" -finds all the files in the current directory with the .php extension

find . -type f -iname "*.php" -finds all the files with the .php extension, ignoring case sensitivity

find . -type f -perm 0664 -gives all files with these permissions

find . -size +100k -gives all files with size more than 100k

find . -type f -not -iname "*.php" -gives all the files that are not .php

find . -maxdepth 1 -type f -iname "*.php" -finds the files just within the directory, not recursive

find . -maxdepth 1 -type f -iname "*.php" -size +10k -all .php files of more than 10k, not recursive

grep "Function" file1 file2 file3 -searches for the word Function in all the files and returns the matches for each file

grep -i "Function" file1 file2 file3 -same, but it ignores case sensitivity

grep -n -i "Function" file1 file2 file3 -also gives the line number where each instance is found

find . -type f -iname "*.php" -exec grep -i -n "function" {} + -find and grep commands used together

find . -type f -iname "*.php" -exec grep -i -n "function" {} + | tee of.txt -shows the output onscreen and also saves the whole output to the of.txt file


updatedb -updates the database that locate searches


passwd -changes the user password


man XX -all the information about the XX command in the man page


XX --help -displays the help with the command that you may be needing


 


Users and privileges


drwxr-xr-x -d means directory, if - then it’s a file. The next set, rwx, means the owner has access to read, write and execute the file; the next set tells about the privileges of the group that owns the file; and the third set tells about the access controls for all other users


//Scripts can only be run with the full access//


cat test.txt -reads the file named test.txt

echo "XXX" > test.txt -creates a file named test.txt which contains the text XXX

ls -la -shows all the files in that directory with their access controls


//Our file has only read access//


//To change the access controls//:-


chmod 777 test.txt -changes the access control to rwx for the owner, the group and all other users

adduser john -adds a new user named john and sets the password for john

sudo adduser john sudo -adds john to the sudo group

sudo deluser john -deletes the user john

sudo chown root:john test.txt -makes root the owner of the file and john its group

cat /etc/passwd -displays the users in the system

cat /etc/shadow -displays the password hashes of the users in the system

su john -switches to user john

passwd root -as the user john we can’t change the password for root

sudo passwd root -we can’t change the password for root because john is not in the sudoers file
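
The permission string and the chmod numbers above describe the same bits. As an added example (not part of the original notes), this script turns a string such as drwxr-xr-x into the octal mode chmod takes and flags modes that every user can write to; the function names mode_to_octal and is_world_writable are made up for this example and the sample strings are constructed.

```sh
#!/bin/sh
# Added example (not from the original notes): decode the permission string
# printed by ls -l into the octal mode that chmod takes.
# Function names are hypothetical; the sample strings are constructed.

# mode_to_octal "drwxr-xr-x" prints 755; fails on a malformed string
mode_to_octal() (
    perms=$(printf '%s' "$1" | cut -c2-10)   # drop the type character (d, -, l)
    [ "${#perms}" -eq 9 ] || exit 1
    out=""
    for start in 1 4 7; do                    # owner, group, others
        triplet=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        digit=0
        case "$triplet" in r??) digit=$((digit + 4)) ;; esac
        case "$triplet" in ?w?) digit=$((digit + 2)) ;; esac
        # s and t also imply execute; the special-bit digit is not decoded here
        case "$triplet" in ??[xst]) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
)

# is_world_writable MODE succeeds when "others" have the write bit (2)
is_world_writable() {
    others=$(mode_to_octal "$1") || return 2
    others=${others#??}                        # keep the last octal digit
    [ $((others & 2)) -ne 0 ]
}

# Constructed samples: a directory, the 0664 mode used with find -perm above,
# and the result of chmod 777.
for sample in drwxr-xr-x -rw-rw-r-- -rwxrwxrwx; do
    if is_world_writable "$sample"; then note="world-writable"; else note="ok"; fi
    printf '%s %s %s\n' "$sample" "$(mode_to_octal "$sample")" "$note"
done
```

Only the chmod 777 sample is reported as world-writable, which is why 777 is rarely the right mode for a file other users can reach.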


Common Network Commands


ifconfig -shows the interfaces and the IP address, netmask and MAC address associated with each

iwconfig -shows the wireless configuration

ping XXX -shows the connection to a particular IP address

Ctrl+c -ends a process and brings us back

netstat -ano -shows the active connections running on the machine

route -prints the routing table


Viewing, Creating & Editing files


echo "XXX" -echoes our text back

echo "XXX" > XXX.txt -makes a file with the text in it

cat XXX.txt -reads out the content of the file

echo "YYY" > XXX.txt -overwrites the previous file with YYY

echo "YYY" >> XXX.txt -appends the text to the previous file

touch newfile.txt -makes a new file

rm ./*.cpp -removes every file with the .cpp extension

rm mydir/* -removes everything in mydir but leaves the directory intact

rm -rf mydir -removes the directory mydir and everything in it

nano/vim/vi newfile.txt -opens a text editor to write into our new file

gedit newfile.txt -opens the graphical text editor for your text file


Installing & updating tools


apt-get install XXX -installs an application XXX

apt-get remove XXX -uninstalls an application XXX

apt-cache search XXX* -searches for a program whose exact name we aren’t sure about

apt-cache policy XXX -shows the version of the application installed on the system

sudo dpkg -i path -installs a downloaded package

apt-get update && apt-get upgrade -updates the package lists and upgrades the installed packages

apt-get install git -y -installs git; the -y automatically answers yes during the installation

git clone XXX.com -clones the application to your current directory


//Read the instructions in the repository while installing the application//


Controlling Kali Services


service apache2 start -starts the apache server on your system

service apache2 stop -stops the apache service on your system

service apache2 -lists all the actions that can be used with the apache service

sudo service apache2 restart -restarts the service after a change, so that we don’t have to stop and start the service again

systemctl enable apache2 -enables apache permanently (it starts at boot)

systemctl enable ssh -enables the ssh service permanently (it starts at boot)

systemctl enable postgresql -enables postgresql permanently (it starts at boot)

top -lists all the ongoing processes in the system in realtime

ps aux -gives a list of all the ongoing processes at that time

pgrep liri-browser -list all the process IDs of instances of liri browser running at that time

kill -9 processid -kills the instance of the process with the given id

killall liri-browser -kills all the instances of liri browser at once

crontab -e -opens crontab window where we can schedule any command


Scripting with Bash


sudo apt-get install tcpdump -installs tcpdump

tcpdump -packet sniffer that analyzes packets coming in and going out of a system

tcpdump -c 10 -captures only 10 packets


//Narrowing down the results//


ping xxxxxxx -shows the connection with a server

ping xxxxxx -c 1 -sends only 1 packet to the connection

ping xxxxx -c 1 > ip.txt -stores this info in a text file

cat ip.txt | grep "64 bytes" -shows only the lines with 64 bytes

cat ip.txt | grep "64 bytes" | cut -d " " -f 4 -here -d " " sets the delimiter to a space and -f 4 picks field 4, which gives us only the ip address

cat ip.txt | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" -trims out the extra : at the end of the ip address


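// gedit ipsweep.sh -opens a graphical editor for writing down the script //


#!/bin/bash
# Ping sweep: pings hosts 1-254 of the given network prefix and prints the ones that answer
if [ "$1" == "" ]
then
    echo "You forgot an IP address!"
    echo "Syntax: ./ipsweep.sh 192.168.4"
else
    for ip in $(seq 1 254); do
        # & runs each ping in the background so the sweep finishes quickly
        ping -c 1 "$1.$ip" | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &
    done
    wait    # let all the background pings finish before the script exits
fi


// $1 can also be hardcoded, such as 192.168.4, but $1 allows user input and hence enables us to do multiple ipsweeps //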


chmod +x ipsweep.sh

./ipsweep.sh

./ipsweep.sh 192.168.1 > iplist.txt

cat iplist.txt -shows us all the filtered IPs we got after ipsweeping


//looping in one line//


cat iplist.txt -lists all the ip addresses


//running nmap on all these ip//


for ip in $(cat iplist.txt); do nmap -sS -p 80 -T4 $ip & done 
