Linux 101 #02

Linux Workflow

Navigation

First and foremost, I will give you a website to explain the command you use on the linux shell: ExplainShell

Navigation is essential, like working with the mouse as a standard Windows user. With it, we move across the system and work in directories and with files, we need and want. Therefore, we use different commands and tools to print out information about a directory or a file and can use advanced options to optimize the output to our needs.

Let us start with the navigation. Before we move through the system, we have to find out in which directory we are. We can find out where we are with the command pwd

Only the ls command is needed to list all the contents inside a directory. It has many additional options that can complement the display of the content in the current folder. Using it without any additional options will display the directories and files only. However, we can also add the -l option to display more information on those directories and files.

Normally, for a quick directory listing you use ls -l — it shows all contents of the current directory. But when working in real environments, or doing a pentest after successfully compromising a machine, I usually run ls -lah to display things more clearly (including hidden files) and make the output easier to read.

When using ls -lah we’ll see the total total size used by the files and directories listed in the current directory, which indicates the total size used. That means it used 19M of disk space. Next, we see a few columns that are structured as follows:

  • drwxr-xr-x: Type and permissions.
  • 7: Number of hard links to the file/directory
  •  kali: Owner of the file/directory
  • kali: Group owner of the file/directory
  • 4.0K: Size of the file or the number of blocks used to store the directory information
  • Feb 25 2024: Date and time.
  • .BurpSuite: Directory name

To list the contents of a directory, we do not necessarily need to navigate there first. We can also use “ls” to specify the path where we want to know the contents.

We can do the same thing to navigate to the directory. To move through the directories, we use the command cd. Let us change to the /var/log directory. Of course, we can go to the /var directory first and then /log. Nevertheless, we can also enter the full path and jump there.

 

Since we were in the home directory before, we can quickly jump back to the directory we were last in.

The shell also offers us the auto-complete function, which makes navigation easier. If we now type cd /var/l and press [TAB] twice, we will get all entries starting with the letter “l” in the directory of /var/.

The first entry with a single dot (.) indicates the current directory we are currently in. The second entry with two dots (..) represents the parent directory /var. This means we can jump to the parent directory with the following command. And It very useful when working with LFI on the web exploit

Working with File/Directory

The primary difference between working with files in Linux, as opposed to Windows, lies in how we access and manage those files. In Windows, we typically use graphical tools like Explorer to find, open, and edit files. However, in Linux, the terminal offers a powerful alternative where files can be accessed and edited directly using commands. This method is not only faster, but also more efficient, as it allows you to edit files interactively without even needing editors like vim or nano.

The terminal’s efficiency stems from its ability to access files with just a few commands, and it allows you to modify files selectively using regular expressions (regex). Additionally, you can run multiple commands at once, redirecting output to files and automating batch editing tasks, which is a major time-saver when working with numerous files simultaneously. This command-line approach streamlines workflow, making it an invaluable tool for tasks that would be more time-consuming through a graphical interface.

Let’s begin by learning how to perform key operations like creating, renaming, moving, copying, and deleting files.

Now, let’s say we want to create a new file or directory. The syntax for this is the following:

zed99@host01[/home]$ touch <file_name>
zed99@host01[/home]$ mkdir <directory_name>

When organizing your system, you may need to create multiple directories within other directories. Manually running the mkdir command for each one would be time-consuming. Fortunately, the mkdir command has the -p (parents) option, which allows you to create parent directories automatically.
zed99@host01[/home]$ mkdir -p Document/local/user

With the command mv, we can move and also rename files and directories. The syntax for this looks like this:

zed99@host01[/home]$ mv <file/directory> <newname file/directory>

And the cp is the copy command:

zed99@host01[/home]$ cp <file> <newname file>

In addition to basic file management commands, there are many other powerful ways to work with files in Linux, such as using redirection and text editors. Redirection allows you to manipulate the flow of input and output between commands and files, making tasks like creating or modifying files faster and more efficient. You can also use popular text editors like vim and nano for more interactive editing.

Editing Files

After learning how to create files and directories, let’s move on to working with these files. There are several ways to edit a file in Linux, with some of the most common text editors being Nano, Vi and Vim. However, I’ll start with the Nano editor, which is less commonly used but easier to understand.

To create and edit a file using Nano, you can specify the file name directly as the first parameter when launching the editor. For example, to create and open a new file named notes.txt, you would use the following command:

zed99@host01[/home]$ nano test01.txt

This command will open the Nano editor, allowing you to start editing the file test01.txt immediately. Nano’s straightforward interface (also called “pager”) makes it a great choice for quickly editing text files, especially when you’re just getting started.

Below we see two lines with short descriptions. The caret (^) stands for our “[CTRL]” key. For example, if we press [CTRL + W], a “Search:” line appears at the bottom of the editor, where we can enter the word or words we are looking for. If we now search for the word “we” and press [ENTER], the cursor will move to the first word that matches. To jump to the next match with the cursor, we press [CTRL + W] again and confirm with [ENTER] without any additional information. 

We can save the file by pressing [CTRL + O] and confirm the file name with [ENTER]. After we have saved the file, we can leave the editor with [CTRL + X].

To view the contents of the file, we can use the command cat <file_name>

There are still two pretty powerful tools worth mentioning — Vim and Vi. However, I probably won’t write a post about them for now since these days I mostly use nano (even though Vi was actually the very first text editor I ever used). Maybe when I have some free time, I’ll compile a list of useful Vi commands to keep for later.

Finding Files

It is crucial to be able to find the files and folders we need. Once we have gained access to a Linux based system, it will be essential to find configuration files, scripts created by users or the administrator, and other files and folders. We do not have to manually browse through every single folder and check when modified for the last time.

One of the common tools is which. This tool returns the path to the file or link that should be executed. This allows us to determine if specific programs, like cURL, netcat, wget, python, gcc, are available on the operating system. Let us use it to search for Nmap. If the program we search for does not exist, no results will be displayed.

Another handy tool is find. Besides the function to find files and folders, this tool also contains the function to filter the results. We can use filter parameters like the size of the file or the date. We can also specify if we only search for files or folders.

Syntax:  find <location> <options>

Look at an example of what such a command with multiple options would look like.

The command I use that is: “find /etc -type f -name *.conf -user root -exec ls -al {} \; 2>/dev/null

Now let’s take a closer look at the options I used in the previous command:

  • -type f: Hereby, we define the type of the searched object. In this case, ‘f’ stands for ‘file’.
  • -name *.conf: With ‘-name’, we indicate the name of the file we are looking for. The asterisk (*) stands for ‘all’ files with the ‘.conf’ extension.
  • -user root: This option filters all files whose owner is the root user.
  • -exec ls -al {} \; – This option executes the specified command, using the curly brackets as placeholders for each result. The backslash escapes the next character from being interpreted by the shell because otherwise, the semicolon would terminate the command and not reach the redirection.
  • 2>/dev/null: This is a STDERR redirection to the ‘null device’, which we will come back to in the next section. This redirection ensures that no errors are displayed in the terminal. This redirection must not be an option of the ‘find’ command

It will take much time to search through the whole system for our files and directories to perform many different searches. The command locate offers us a quicker way to search through the system. In contrast to the find command, locate works with a local database that contains all information about existing files and folders. We can update this database with the following command: sudo updatedb

If we now search for all files with the “.conf” extension, you will find that this search produces results much faster than using find. However, this tool does not have as many filter options that we can use. So it is always worth considering whether we can use the locate command or instead use the find command. It always depends on what we are looking for.

 

I think I’ll wrap up the content for #02 here. Stay tuned for the next posts, where we’ll dive deeper into Linux and start getting our hands dirty with the OS!