Introduction [Linux Commands in Kali]:
Let’s look at some Linux basics. This is really just to get started – to get ready – to give you some of the prep work you need to do in Linux to get wrapped up in Ethical Hacking or any of our technical security classes.
So once you follow the instructions and you actually have Kali installed, you’ll immediately go to this icon, which is the Terminal icon. And you click on it and a terminal appears. So I’m going to close this and start again.
Click on that and a terminal will appear here. This is where we will do most of our work. I’m going to enlarge this window and make my text a little bigger so you can clearly see what I’m writing here.
One of the most basic and fundamental things when it comes to Linux is knowing where you are and what is in the current directory you are in. To find out what your current working directory is, just type pwd, which is short for “print working directory.”
As you can see, we are actually in the root directory by default. Now keep in mind that this is the home profile or home directory of the root account. It is not the same as being in the root of the drive. For example, if I cd / it actually takes me to the root of the drive. And if we look at where we are, we’ll do pwd this time, it just shows us /.
Now also when I do an ls there are a bunch of other subdirectories in that directory. On the other hand, if I go back to where we were – root, you can see that there are different files. These are the files I created and stuff like that. When you look at your own directory, you will see the difference.
The next thing I introduced was the ls command. You’ve seen me do this quickly and it’s just ls and it shows you the contents of your directory. Now if I ran ls -a it shows me all files including hidden files. And one thing you’ll notice in Linux, whenever you see a file that starts with a dot, it means it’s a hidden file. Now if I add l to it, doing -la instead of just -a, the l stands for long file format. We say give us the long file format and show us all the files. The long file format includes extensions and everything else related to the file.
We can see it. We can see that all the attributes, permissions and such are also displayed when we do -la. That’s the basics of looking around in the first place: finding out what your current directory is, and then seeing what’s in that current directory.
It is also important for us to look at the running processes. We can do this by entering the ps -A command, which will show us what our running processes are.
Another thing I want to introduce at this point is grep. You will use this throughout the course; grep is a way to basically filter on the output, and we usually use grep by piping the output from one command to grep as input.
And the way we do that, for example, is with a listing. If I did ls -la it shows me all the files in that directory. If I want to see only the hidden files – if I did ls -la and then a pipe – and said grep dot, what does that mean? We say simply list everything and then take whatever is the result of that command, pipe it to grep, and grep only for strings with a dot.
Let’s see what happens when we do that. What we see is every file that has a dot in it. Now, on the other hand, we can see that there are several files that I’ve created here that contain the word dns. So, if I did ls -la, everything is there; and if I then grep for dns, we only see files that have the dns string. That’s part of how we can use grep for a lot of different things.
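An added example (not part of the original lesson) showing why the pattern matters when filtering a listing for hidden files: to grep, a bare dot is a wildcard that matches any character, so it has to be taken literally or escaped and anchored. The directory and file names are constructed for the demo, and ls -A1 is used instead of ls -la so each line is just a file name.

```bash
#!/usr/bin/env bash
# Constructed sandbox: two hidden files and two visible ones (one has a dot in its name).
make_demo_dir() {
    d=$(mktemp -d)
    touch "$d/.bashrc" "$d/.profile" "$d/dnsdemo.sh" "$d/notes"
    printf '%s\n' "$d"
}

# ls -A1 prints one name per line, hidden entries included, so a pattern
# can anchor on the start of the name.

# A bare "." is a regex wildcard for any character: every non-empty line matches.
count_regex_dot() { ls -A1 "$1" | grep -c .; }

# -F makes the pattern a literal string: names with a dot anywhere in them.
count_literal_dot() { ls -A1 "$1" | grep -cF .; }

# Escaped dot anchored at the start of the name: hidden entries only.
list_hidden() { ls -A1 "$1" | grep '^\.'; }

# Plain substring filter, like the dns files in the lesson.
list_dns() { ls -A1 "$1" | grep dns; }

demo=$(make_demo_dir)
echo "bare dot matches:    $(count_regex_dot "$demo") lines"
echo "literal dot matches: $(count_literal_dot "$demo") lines"
echo "hidden entries:      $(list_hidden "$demo" | tr '\n' ' ')"
echo "dns entries:         $(list_dns "$demo")"
rm -rf "$demo"
```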
Other than that, I’m going to start the iceweasel web browser here and minimize it. Now let’s do ps -A again to look at the running processes. Note that it shows us all running processes. I can also grep for just iceweasel, which is a web browser that we just launched here. So, if I said ps -A, pipe it to grep, and I’ll just go after iceweasel like this. And instead of seeing all the processes, I only see the iceweasel process.
And here we introduce another command: stopping processes. In Linux we usually use the kill command or the killall command. Those are 2 ways I can kill it. I can just do kill -9 and specify the pid for iceweasel, which in this case is 14020. And as we can see, iceweasel is running down here. But when I issue this kill command, you see the iceweasel down here is gone. We can also kill by process name.
So if I restart iceweasel and minimize it, I can do killall -v and specify iceweasel and as a result you will see iceweasel disappear again. So there are several different ways to kill processes and to manipulate things in Linux – there are several ways to do it.
Another command that you will use quite a bit is the cat command. The name is shorthand for concatenate. First, we’ll use it here to create a file. So I’m just going to create a file called Keatron. And you can do this to create a file with your own name. I’m actually going to create something called demolinux. You can use your name as the file name.
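An added example (not from the original lesson) that goes one step beyond the kill -9 shown above: it looks up PIDs by exact command name from ps -A output, sends the default SIGTERM first so the program can clean up, and falls back to kill -9 only if the process is still there after a grace period. The function names are hypothetical, a background sleep stands in for the browser, and the target is assumed to be a child of the current shell.

```bash
#!/usr/bin/env bash
# PIDs whose command name (last column of ps -A) is exactly $1.
# A plain "grep name" would also hit longer names that merely contain it.
pids_by_name() {
    ps -A | awk -v name="$1" '$NF == name { print $1 }'
}

# Stop PID $1: SIGTERM first, then SIGKILL after $2 seconds (default 3).
# Sets STOP_RESULT to TERM, KILL or not-running. Call it directly, not
# inside $(...), so the calling shell can reap its own child.
stop_process() {
    sp_pid=$1
    sp_grace=${2:-3}
    kill "$sp_pid" 2>/dev/null || { STOP_RESULT=not-running; return 1; }
    while [ "$sp_grace" -gt 0 ]; do
        sleep 1
        # kill -0 sends no signal; it only tests whether the PID still exists.
        kill -0 "$sp_pid" 2>/dev/null || { STOP_RESULT=TERM; return 0; }
        sp_grace=$((sp_grace - 1))
    done
    kill -9 "$sp_pid" 2>/dev/null || true   # cannot be caught or ignored
    STOP_RESULT=KILL
}

# Constructed stand-in for the browser: a long-running background process.
sleep 300 >/dev/null 2>&1 &
demo_pid=$!
echo "sleep PIDs seen by ps: $(pids_by_name sleep | tr '\n' ' ')"
stop_process "$demo_pid"
echo "pid $demo_pid stopped with SIG$STOP_RESULT"
```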
So when we use cat and use the greater-than symbol (>), we get into interactive cat mode. So we create a file called demolinux and it will put us in interactive mode, which means we can edit or add to this file. So if we press enter, I type a line, enter, and then type another line. And then enter and then Control-D is the way to get out of it. Control-D breaks us out again.
So, if we read this file with the cat command without the greater-than symbol, you can see the results, which is basically what we’re putting into the file up here. If I want to add a line to it or add another line, I can use two greater-than symbols (>>), and generally that means append. Press Enter to finish the line, then Control-D again. Now we cat demolinux. We can see that a third line is also added to this file.
What if I say cat this file and pull out just the line or lines that have the word Keatron? We can do this by saying cat the filename, send it to grep through the pipe, and then I go grep for the Keatron string. And it shows those 2 lines.
One thing I have to point out here is that Linux is extremely case sensitive. So, if I were to repeat that command and grepped for keatron in lowercase, what you would get is nothing, due to Linux’s case sensitivity. So what I’d literally have to do is either a) make sure I’m case-matched, or with the grep command—I’ll just repeat it with the up arrow—I could pass the -i flag, which basically says ignore case, and as you can see we still see the lines we are looking for in this case.
Those are some of the basics of command line navigation, some of the things you’ll use as you walk through this course. Moving on, let’s look at some basic networking stuff. First, one of the first things you want to check is to find out what your current IP address is. And we do that simply by typing the ifconfig command and it will show us what our current IP address is.
Now, in my case, it is this. If you have a fresh installation of Kali, you may not have an IP address yet. And speaking of that, the next thing I want to show you is how to get it. Once you start Kali, it may not do a DHCP discover by default. But to force it, just type dhclient and go ahead and press enter. Now when it finishes and you type ifconfig again, you’ll see that you’ve succeeded: you’re back and you’ve got an IP address.
As you go through the course, the instructor will ask you to switch the network configuration in VMware from NAT to bridged or vice versa. Then you’ll find that you’ll have to go and execute this dhclient command to get Linux to go out and get a new IP address based on you moving to a new network. And that’s one of the things that challenges people as we go through the course.
Okay, a few more important things to note: I want you to do this with me. We create a directory using the mkdir command. I want you to name that directory InfosecInstituteToolsandFiles. And I want you to do it exactly like me. Capital I in Infosec, Capital I in Institute, Capital T in Tools and Capital F for Files. Go ahead and create that directory. Now do me a favor. We will change into this directory and use the cd command for this – just like in DOS.
But instead of writing it all out like it is, go ahead and simply type Infos with a capital I and hit Tab from there. And if you notice, Tab automatically filled in the rest for you without you having to spell it out.
This is an important skill to master because it will make the difference in how fast or how slow you complete your labs. Auto-completion is the key to navigating your file system even when you don’t know where anything is. For example, let’s say I want to go to a file that started with dn, but I don’t know the name. I can read that file with cat and just do dn and press tab. And if you hit the Tab key a few times, Linux will show me every option or every file I can try to interact with.
So now I see that there are several options. Maybe the one I want to look at is dnsdemo. I can type it out in full or just start typing it. Just type up to demo and press Tab again. And it automatically completes the sh part for me. So tab completion is your friend and will be one of the most important parts of going through these labs without any problem in terms of getting through them pretty quickly.