
Day7: #100DaysofInfoSec - Basic Linux Commands

Sep 17, 2021

I decided to learn and practice some very well-known and Basic Linux Commands.

 

Basic Linux Commands

·      sudo: "super user do"; allows you to run commands at an elevated privilege

·      pwd: shows what directory you are in

·      man pwd: shows information about pwd command

·      cd: change directory

·      cd ..: moves back a directory

·      cd ~: move back to your home directory

·      ls: list all the files in directory

·      ls -la: list long format including hidden files

·      mkdir: to make new directory

·      rmdir: to remove directory

·      mv: move file/folder

·      rm: remove file in directory

·      passwd: change the user account passwords

·      chmod: change permissions

·      cat: print content of a file

·      cp: copy file/folder to current directory

·      adduser: add user

·      su: switch user

·      locate filename: locate a file

 

Navigating the File System

I'm going to navigate through the file system with some of the basic commands.

First things first, let’s find out where we are in the terminal.

 

pwd: print working directory

 

Type “pwd” and hit enter, and the output will tell you what folder you are in.

Now you want to know how to get out of the root folder.

 

cd: change directory

 

If you want to move back a directory, type “cd ..”

 

Now check to see where you are.

 

Type “pwd”

You should see /, which is just a generic slash. You can't go any further than this. This is your base folder, the lowest you can go.

 

Now let's try going forward.

We really don’t know what's in our directory, so we want to look around. Let's be nosy and see what we can find.

 

ls: list everything in the folder

Type in “ls”

You will notice all of the folders. You will also see colors; the color coordination is for permissions.

 

Now, let’s go back into root.

I will let you in on a trick I just learned. If you type “cd ro” you can hit tab and it will auto-complete the word for you.


 

Now that you are in root, you can use ls to see what folders are in root.

If you want to jump to another folder you can use cd /foldername/ (example: cd /etc/). Now you can press tab twice to display what's inside.

If you want to see inside a folder without moving into it, use ls /foldername/ (example: ls /etc/). Now you can see everything that’s inside the folder.


 

~: home folder or quickly access a folder

 

You want to make your own folder

mkdir: make directory

 

I made a test file and I checked to see if the directory was there

Now I want to remove the test file and check to make sure I removed the file

rmdir: remove directory


 

ls -la: look for hidden files

Before, you didn’t see the .cache file, but now you can. I can also look inside to see if there are any files. So be aware that just because it looks like something isn’t there doesn’t mean it's not there. It just might be hidden.


 

 

updatedb: update database. You want to use this frequently.

 

Make sure you change the password when you first sign up for Kali Linux.

passwd: asks for a new password

man: instructions for any command that you are running

         Example: man ls

You can scroll and see the information about ls

ls --help: will also provide some help

 

Users and Privileges

Let’s enter “ls -la” in the terminal to look at permissions.

Look at the first character of a line. If you see a dash (-), that means it’s a file.

If you see a d, it’s a directory.

rwx: read, write, execute. These are the permission settings that a particular group has.

You should see 3 groups (see the screenshot above; the dash (-) separates the groups):

The first group is the owner of the file.

The next group is the permission for the group that owns the file (group ownership).

The last is all the users.

 

This comes into play when you start penetration testing because we are looking to have full access, so we are looking for the full read write execute. If we try to upload like some type of exploit you want to upload it in a folder where you have full read write execute permissions. Other reasons can be so you can modify files so you can change the user and give you root access to a system. It’s all about insecure configurations.

If you create a script you can't run it unless you have full access.

So you want to change access.

Ok let me show you!

 

chmod: change mode

So you could use “chmod +rwx filename” or you can use “chmod 777 filename”. Then the file will turn green, which means FULL ACCESS!

777: gives you full access across the board

green: full read, write, execute across the board
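Because 777 also lets every other user on the system modify the file, it is worth knowing how to spot and tighten it. The following is an added example, not part of the original post: it decodes the permission string shown by ls -l, finds world-writable files in a scratch directory, and replaces 777 with 750, which still leaves the owner read, write and execute. The file names and the scratch directory are constructed for the demonstration.

```sh
#!/bin/sh
# Added example (not from the original post). File names are constructed.

# Split the 10-character mode string from `ls -l` into type and the three groups.
describe_mode() {
    kind_char=$(printf '%s' "$1" | cut -c1)
    case "$kind_char" in
        -) kind=file ;;
        d) kind=directory ;;
        l) kind=symlink ;;
        *) kind=other ;;
    esac
    printf '%s owner=%s group=%s other=%s\n' "$kind" \
        "$(printf '%s' "$1" | cut -c2-4)" \
        "$(printf '%s' "$1" | cut -c5-7)" \
        "$(printf '%s' "$1" | cut -c8-10)"
}

# List regular files under a directory that any user on the system may modify
# (the write bit is set in the last of the three groups).
find_world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# Build a scratch directory, reproduce the post's chmod 777, then tighten it.
demo() {
    dir=$(mktemp -d)
    printf '#!/bin/sh\necho hello\n' > "$dir/script.sh"
    printf 'private notes\n' > "$dir/notes.txt"
    chmod 777 "$dir/script.sh"      # full access for everyone, as in the post
    chmod 640 "$dir/notes.txt"
    echo "world-writable before:"; find_world_writable "$dir"
    chmod 750 "$dir/script.sh"      # owner rwx, group r-x, others nothing
    echo "world-writable after:";  find_world_writable "$dir"
    # The owner still has rwx, so the owner can still edit and run the script.
    describe_mode "$(ls -l "$dir/script.sh" | cut -c1-10)"
    rm -rf "$dir"
}

demo
```

Pointing find_world_writable at a real directory such as a web root or a home directory gives a quick list of files that need their permissions reviewed.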

 

Now you want to add a user

adduser

adduser jane

then enter in new password

then

cat /etc/passwd

This lets you check the new user. You should see it at the bottom.

 

We will become very familiar with cat /etc/passwd because it shows us all the users. When we are doing penetration testing, we will have access to the /etc/passwd file because passwords are now in the shadow file (cat /etc/shadow; tools can be used to break down the hashes in this file to get passwords), and with cat /etc/passwd we have some information, and access to that information, at the hands of poor configuration. If there is SSH on a machine, we could now use the username if we wanted to try to break into a machine.
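Since every local user can read /etc/passwd, it is worth reviewing what the file gives away on your own machine. The following is an added example, not part of the original post: it audits a file in /etc/passwd format for accounts with a login shell, extra accounts with UID 0, and entries whose password field is not shadowed. The sample accounts (including backup2 and legacy) and the PLACEHOLDER_HASH value are constructed.

```sh
#!/bin/sh
# Added example, not from the original post. All accounts below are constructed.
# /etc/passwd fields: name:password:UID:GID:comment:home:shell
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh
jane:x:1001:1001:,,,:/home/jane:/bin/bash
backup2:x:0:0::/root:/bin/sh
legacy:PLACEHOLDER_HASH:1002:1002::/home/legacy:/bin/bash
EOF
}

# Accounts whose shell allows an interactive login. These are the usernames
# exposed to SSH password guessing, so they need strong passwords or keys.
login_accounts() {
    awk -F: '$7 !~ /(nologin|false)$/ {print $1}' "$1"
}

# Any account other than root with UID 0 has full root privileges.
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" {print $1}' "$1"
}

# A password field other than "x" (shadowed) or "*" / "!" (locked) means a
# hash or an empty password is stored in the world-readable file itself.
non_shadowed_accounts() {
    awk -F: '$2 != "x" && $2 != "*" && $2 !~ /^!/ {print $1}' "$1"
}

audit_passwd() {
    echo "Accounts with a login shell:";  login_accounts "$1"
    echo "Extra UID 0 accounts:";         extra_uid0_accounts "$1"
    echo "Accounts not using shadow:";    non_shadowed_accounts "$1"
}

sample=$(mktemp)
sample_passwd > "$sample"
audit_passwd "$sample"
rm -f "$sample"
```

Running audit_passwd /etc/passwd on your own system applies the same three checks to the real file.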

 

Now let’s switch to the user Jane.

“su jane”

We were able to access Jane because we were root.

root has access permission to do anything, but Jane can’t switch back to root because Jane doesn’t know the root password, nor can she modify the password. Jane doesn’t have that type of access, but she could if she is in the sudoers file.

 

Jane only has base permissions

 

Users in the sudoers file can change permissions if they are a sudo user.

 

This is also big in penetration testing because, if you have access, you can look at the sudoers file to see which users have sudo privileges.

 

This was fun! I learned a lot and I hope you did as well!

Make sure you go practice!  

https://anonbut1seeyou.wordpress.com/2021/09/16/day-7-100daysofinfosec-basic-linux-commands/
