Linux basics
- See also Linux log files
Linux folders
/
: Root/var
: Variable Data / Log Files/bin
: Binaries / User Commands/sbin
: Sys Binaries / Admin Commands/root
: Home dir for root user/boot
: Store kernel/proc
: Direct access to kernel/dev
: Hardware storage devices/mnt
: Mount devices/etc
: Contain all your system configuration files in it e.g.- Hosts file
- Firewall settings
- Password files
/etc/sudoers
that controls- Who can run what commands as what users on what machines
- Special things such as whether you need a password for particular commands
- See also path obfuscation | Evading IDS
File permissions in Linux
- Assigned via the use of the binary equivalent for each
rwx
group - Read-only is equivalent to 4, write is 2, and execute is 1
- To accumulate permissions, add the numbers
- 4 is read-only
- 6 is read and write
- 7 is read, write and execute
- Order
- First number corresponds to the user
- Second to the group
- Third is to all others.
- E.g.
chmod 744 anyfile
- Allow all privileges to the user, read-only for the group, read-only for all others.
Run processes in background
- Using
&
will cause the program to run in the background. - Makes it only useful for programs that do not need input.
- The program will terminate if you log out
- Program can be brought to foreground using
fg <job-number>
📝 Common linux commands
adduser
/addgroup
: adds a new user and group to a system.apropos
: quickly searches the names and descriptions of all available man pages.ar
: creates, modifies, or extracts archives.arch
: prints the machine's architecture.bzip2
: creates compressed file archives in bzip2 format.cal
/ncal
: displays a calendar in the output.cat
: concatenates files, or data provided on standard input, and prints it on the standard output.cd
: changes user's present working directory.chattr
: lists and edits extended filesystem attributes for files and folders like the immutable attribute.chgrp
: changes the group ownership of a file.chmod
: changes access permissions for a file.chown
: changes the ownership and group of a file.cksum
: prints the CRC checksum and byte count for the input.clear
: clears the terminal screen.cmp
: perform byte-by-byte comparison of two files.comm
: compare two sorted files line-by-line.cp
: copying files and directories.cpulimit
: limits the CPU usage of a processcsh
: switches between Linux user shells.csplit
: splits a file into sections determined by context lines.curl
: downloads files from the internet by HTTP or HTTPS.date
: prints or sets the system date and time.dd
: copies a file, converting and formatting according to the operands.df
: displays the file system disk space usage in output.diff
|diff3
: compare two files line by line.dig
: query DNS servers and to resolve DNS records.dir
: lists directory contents.dirname
: strips last component from a file name/path.dmesg
: prints or controls the kernel ring buffer.dmidecode
: command prints a system's DMI (aka SMBIOS) table contents in a human-readable format.dpkg
: a package manager for Debian/Debian-based systems.du
: displays disk usage of files present in a directory as well as its sub-directories.echo
: displays whatever input text is given to it.ed
: a line-oriented text editor.eject
: eject removable media (typically, a CD ROM or floppy disk).env
: displays the current environment, and edit it.exit
: causes the shell to exit.expand
: converts tabs present in the input file(s) into spaces, and writes the file contents to standard output.expr
: evaluates expressions e.g.expr 1 + 2
outputs3
.factor
: prints the prime factors of the input number.fgrep
: grep with -F option not treating regular expression metacharacters as special, processing the information as simple string instead.find
: search for files in a directory as well as its sub-directories.fold
: wraps each input line to fit in specified width.free
: displays the amount of free and used memory in the system.grep
: searches for a specified pattern in a file (or files) and displays in output lines containing that pattern.groups
: displays the name of groups a user is part of.gzip
: compresses the input file, replacing the file itself with one having a .gz extension.gunzip
: compressed with gzip command can be restored to their original form using the gunzip command.head
: displays the first 10 lines of the file to standard output.hostname
: displays and sets the system's host name.history
: display the history of commands that you typed in on the shell.id
: prints user and group information for the current user or specified username.ifconfig
: fetch esinformation related to network interfaces and configure network interfaces.join
: joins lines of two files on a common field.kill
: helps user kill a process by its ID sending the TERM signal to it.killall
: kills a process by its name.last
: shows listing of last logged in users.ldd
: displays in output dependencies of a shared library.ln
: creates link between files.locate
: locate command helps user find a file by name.logname
: prints the user-name of the current user.look
: displays lines beginning with a given string.ls
: lists contents of a directory in output.lshw
: extracts and displays detailed information on the hardware configuration of the machine.lscpu
: displays in output system's CPU architecture information (such as number of CPUs, threads, cores, sockets, and more).lsof
: displays information related to files opened by processes.man
: access reference manual for commands, programs/utilities, as well as functions.md5sum
: print or check MD5 (128-bit) checksums.mkdir
: creates directories.mkfifo
: creates named pipes.more
: a filter for paging through text one screenful at a time.mv
: either moves a file from one directory to another, or renames it.nano
: launches the 'nano' text editor.netstat
: prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.- Used for e.g. Port monitoring | Malware analysis
nice
: runs a program with modified scheduling priority.nl
: writes contents of a file to output, and prepends each line with line number.nm
: display symbols from object files.nproc
: displays the number of processing units available to the current process.od
: dump files in octal as well as some other formats.passwd
: used for changing passwords for user accounts.paste
: merges lines of filespidof
: gives the process ID of a running program/process.ping
: checks whether or not a system is up and responding.ps
: displays information (in the form of a snapshot) about the currently active processes.pstree
: produces information about running processes in the form of a tree.pwd
: displays the name of current/working directory.rm
: removes files and/or directories.rmdir
: deletes empty directories.scp
: securely copies files between systems on a network.screen
: keeps a terminal session open even when your SSH connection is interrupted,sdiff
: performs a side-by-side merge of differences between two files.sed
: a stream editor that allows users to perform basic text transformations on an input stream (a file or input from a pipeline).seq
: prints numbers from FIRST to LAST, in steps of INCREMENT,sha1sum
: print or check SHA1 (160-bit) checksums.shutdown
: shut the system in a safe way.size
: lists the section sizes as well as the total size for an object or archive file.sleep
: specify delay for a specified amount of time.sort
: sort lines of text files.split
: splits a file into fixed-size pieces.ssh
: basically OpenSSH SSH client.ssh-keygen
: creates a private/public key pair for SSH.stat
: displays status related to a file or a file-system.strings
: displays in output printable character sequences that are at least 4 characters long.su
: change user-identity.sudo
: lets a permitted user run a command as another user (usually root or superuser).sum
: prints checksum and block counts for each input file.tac
: prints input files in reverse.tail
: displays in output the last 10 lines of a file.talk
: lets users talk with each other.tar
: creates as well as extract archive files.tee
: reads from standard input and write to standard output as well as files.test
: checks file types and compare values.time
: summarizes system resource usage of a program.top
: gives a dynamic real-time view of a running system (in terms of its processes).touch
: changes file timestamps (the access and modification times).tr
: translates/squeezes/deletes characters.tty
: prints the filename of the terminal connected to standard input.uname
: prints certain system information.unexpand
: convert spaces into tabs.uniq
: report or omit repeated lines.unexpand
: converts spaces present in the input file(s) into tabs, and writes the file contents to standard output.uptime
: tells how long the system has been running.users
: displays in output the usernames of users currently logged in to the current host.vdir
: lists information about contents of a directory (current directory by default).vim
: text/programming editor.w
: displays information about the users currently on the machine, and their processes.wall
: writes and sends a message to other users that are currently logged in.watch
: monitors a program's output.wc
: prints newline, word, and byte counts for a file.wget
: perform a non-interactive download of files from the Web.whatis
: displays single-line manual page descriptions.which
: locates a command - the file and the path of the file that gets executed.who
: shows who is logged on.whereis
: shows in output locations of the binary, source, and manual page files for a command.whoami
: prints effectiveuserid
of the current user.xargs
: builds and executes command lines from standard input.yes
: outputs a string repeatedly until killed.zcat
: displays the content of gzip compressed files.