1. Linux

The Cyber Mentor Youtube - Linux for Ethical Hackers 2022

• Introduction to the Lab Environment
• Kali Linux overview
• Navigating the File System
• Users and Privilages
• Viewing, Creating and Editing Files

• Installing and Updating Tools

• Zoom = ctrl+shift>++

• (kali@kali) - [~]

  • (user @ hostname) - [location within the current directory]

• sudo

  • super user do

Need help with a command? - Explain Shell - - man command - manual pages - command --help - help associated with command

Navigating the File System

• pwd

  • print working directory
  • prints the directory you are in to the screen

• cd

  • change directory
  • cd ..
    • go back one directory

• ~

  • user's directory

• /home

  • home directory

• /

  • base directory

• ls

  • list files in current working directory

• ls -la

  • long all listing of files in current working directory
  • good for finding hidden files

• ctrl + l clears screen

• working paths

  • starting from
  • to navigate to a file or folder that is not in your current working directory use the working path
  • can use cd/change directories or ls/list files
  • can use ~/users home directory

• mkdir

  • makes a directory or folder in current working directory

• rmdir

  • removes/deletes folder as long as it's empty

• echo "Hi"

  • echoes whatever follows to the screen

• echo "Hi" > test.txt

  • echoes "Hi" and redirects output to the file test.txt

• cp test.txt Downloads/

  • copies the file test.txt and puts the copy in test.txt

• rm Downloads/test.txt

  • removes/deletes test.txt using the working path

• mv test.txt Downloads

  • moves test.txt to Downloads folder
• mv Downloads/test.txt testing.txt
  • moves the test.txt from Download to the current working directory and changes its name

Privilages

r read w write x execute

┌──(kali㉿kali)-[~]
└─$ ls -alsp
total 268
 4 drwxr-xr-x 22 kali kali  4096 Jul 25 05:33 ./
 4 drwxr-xr-x  5 root root  4096 Apr 16 08:55 ../
 4 -rw-r--r--  1 kali kali  1571 Jul 23 09:52 .bash_history
 4 -rw-r--r--  1 kali kali   220 Jul 23 09:30 .bash_logout
 4 -rw-r--r--  1 kali kali  3771 Jul 23 09:30 .bashrc

- ./ First file permissions of the folder - Second column - 1 Character and 3 Groups - First character - d directory - - file - l link - First group - Owner permissions - Second Group - Group permissons - Third Group - Others permissions

┌──(kali㉿kali)-[~]
└─$ ls -aslp /tmp
total 332
  4 drwxrwxrwt 16 root root   4096 Jul 25 05:49 ./
 40 drwxr-xr-x 19 root root  36864 Apr 18 06:14 ../
112 -r--------  1 kali kali 113336 Jul 23 08:08 admin_shield-1.png
112 -r--------  1 kali kali 113336 Jul 23 08:05 admin_shield.png

- note that the permissions of the /tmp folder are wide open - any user can read, write, and execute the files in this folder - including malicious files

• New files are created with the default permissions of

  • user - read, write
  • group - read
  • others - read

    ┌──(kali㉿kali)-[~]
    └─$ echo "Hello" > hello.txt 
    
    ┌──(kali㉿kali)-[~]
    └─$ ls -aslp     
    total 272
    4 -rw-r--r--  1 kali kali     6 Jul 25 06:07 hello.txt
    

• chmod

  • change mode
  • command used to change permissions of a file

• below command only changes the owners permissions

  ┌──(kali㉿kali)-[~]
  └─$ chmod +rwx hello.txt  
  
  ┌──(kali㉿kali)-[~]
  └─$ ls -aslp            
  total 272
  4 -rwxr-xr-x  1 kali kali     6 Jul 25 06:07 hello.txt
  

• below command changes each group with a single number

  ┌──(kali㉿kali)-[~]
  └─$ chmod 777 hello.txt
  
  ┌──(kali㉿kali)-[~]
  └─$ ls -aslp           
  total 272
  4 -rwxrwxrwx  1 kali kali     6 Jul 25 06:07 hello.txt
  

chmod numbers | Number | Permissions | Total | | --- | --- | --- | | 0 | - - - | 0 + 0 + 0 | | 1 | - - x | 0 + 0 + 1 | | 2 | - w - | 0 + 2 + 0 | | 3 | - w x | 0 + 2 + 1 | | 4 | r - - | 4 + 0 + 0 | | 5 | r - x | 4 + 0 + 1 | | 6 | r w - | 4 + 2 + 0 | | 7 | r w x | 4 + 2 + 1 |

## Adding user - Must use sudo to add a user

┌──(kali㉿kali)-[~]
└─$ sudo adduser mike
[sudo] password for kali: 
Adding user `mike' ...
Adding new group `mike' (1002) ...
Adding new user `mike' (1002) with group `mike' ...
Creating home directory `/home/mike' ...
Copying files from `/etc/skel' ...
New password: 
Retype new password: 
passwd: password updated successfully
Changing the user information for mike
Enter the new value, or press ENTER for the default
        Full Name []: 
        Room Number []: 
        Work Phone []: 
        Home Phone []: 
        Other []: 
Is the information correct? [Y/n] y

** /etc/passwd file** - usually readable by all users - used to have all passwords in it - now has storage blanks in it that reference the shadow file - root - 0 id, home folder is /root, shell is /usr/bin/zsh - at the bottom you can find info about what users are on the machine

┌──(kali㉿kali)-[~]
└─$ cat /etc/passwd                                                               130 ⨯
root:x:0:0:root:/root:/usr/bin/zsh
...
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
...
mysql:x:104:110:MySQL Server,,,:/nonexistent:/bin/false
...
sshd:x:117:65534::/run/sshd:/usr/sbin/nologin
...
nm-openvpn:x:125:130:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin/nologin
nm-openconnect:x:126:131:NetworkManager OpenConnect
...
kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
theo:x:1001:1001:Theo,1,555-555-5555,:/home/theo:/bin/bash
mike:x:1002:1002:,,,:/home/mike:/bin/bash

• /etc/sudoers

  • sudoers file
  • contains permissions on what users can run commands as root
  • can be accessed to see what users have root privilages
  • % sudo is the sudo group

    ┌──(kali㉿kali)-[~]
    └─$ sudo cat /etc/sudoers 
    #
    # This file MUST be edited with the 'visudo' command as root.
    #
    # Please consider adding local content in /etc/sudoers.d/ instead of
    # directly modifying this file.
    ...
    # User privilege specification
    root    ALL=(ALL:ALL) ALL
    
    # Allow members of group sudo to execute any command
    %sudo   ALL=(ALL:ALL) ALL
    

• /etc/group

  • sudoers group
  • cat out and look for users
  • grep file for sudo to find what users have sudo privilages

    ┌──(kali㉿kali)-[~]
    └─$ cat /etc/group
    root:x:0:
    ...
    sudo:x:27:kali
    

    ┌──(kali㉿kali)-[~]
    └─$ grep 'sudo' /etc/group 
    sudo:x:27:kali
    

** Why no password for Root andAudit purposes?** - bad practice to set a password for Root - Enforces accountability for your users - Rather have users with sudo privilages - with sudo privilages they can escalate into root - logging everytime the escalate in root

** > vs >> ** - > will write over a file - >> will append to a file - when scripting and looping while finding relevant info, we want to append to a file not overwrite it every time we find something

┌─(kali㉿kali)-[~]
└─$ echo "hey" > hey.txt

┌──(kali㉿kali)-[~]
└─$ cat hey.txt                                                         
hey

┌──(kali㉿kali)-[~]
└─$ echo "hey again" > hey.txt

┌──(kali㉿kali)-[~]
└─$ cat hey.txt
hey again

┌──(kali㉿kali)-[~]
└─$ echo "hey again" >> hey.txt                                                                             

┌──(kali㉿kali)-[~]
└─$ cat hey.txt                
hey again
hey again

** touch ** - generates a new blank file

┌──(kali㉿kali)-[~]
└─$ touch newfile.txt                                                                                       

┌──(kali㉿kali)-[~]
└─$ ls
ctf      Documents  hey.txt  newfile.txt  Public          task.sh    Videos
Desktop  Downloads  Music    Pictures     python_scripts  Templates

** in terminal editors ** - vi - vim - nano - can be used to create and edit text files

┌──(kali㉿kali)-[~]
└─$ nano newfile.txt

- mousepad - can be used to create and edit text files

┌──(kali㉿kali)-[~]
└─$ mousepad newfile.txt 

Starting and stopping services

• want to start temporarily or on boot
• web servers
  • apache
  • python
• ssh

• sql

• use ifconfig to find machines ipv4 address

  ┌──(kali㉿kali)-[~]
  └─$ ifconfig                                                                                                127 ⨯
  eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
          inet 192.168.246.131  netmask 255.255.255.0  broadcast 192.168.246.255
          inet6 fe80::20c:29ff:fef5:a0ed  prefixlen 64  scopeid 0x20<link>
          ether 00:0c:29:f5:a0:ed  txqueuelen 1000  (Ethernet)
          RX packets 15  bytes 1866 (1.8 KiB)
          RX errors 0  dropped 0  overruns 0  frame 0
          TX packets 31  bytes 2648 (2.5 KiB)
          TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  
  lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
          inet 127.0.0.1  netmask 255.0.0.0
          inet6 ::1  prefixlen 128  scopeid 0x10<host>
          loop  txqueuelen 1000  (Local Loopback)
          RX packets 0  bytes 0 (0.0 B)
          RX errors 0  dropped 0  overruns 0  frame 0
          TX packets 0  bytes 0 (0.0 B)
          TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  

• firefox http://192.168.246.131 shows "unable to connect"
• spin up an apache2 server
  • allows us to host a webpage, files, place malware at 192.168.246.131
  • currently serving what files are located in /var/www/html/index.html on host

  • ┌──(kali㉿kali)-[~]
    └─$ sudo service apache2 start
    

    
• stop apache server

  ┌──(kali㉿kali)-[~]
  └─$ sudo service apache2 stop
  

• host a python server

  ┌──(kali㉿kali)-[~]
  └─$ python3 -m http.server 80
  Serving HTTP on 0.0.0.0 port 80 (http://0.0.0.0:80/) ...
  

  

• stop python server

  • ctrl + c

• systemctl

  • use to start(enable) and stop(disable) services at boot

    ┌──(kali㉿kali)-[~]
    └─$ sudo systemctl enable ssh
    

Updating and Upgrading Kali

• But to complete the update/upgrade you need to be the root user and then run the command below

  ┌──(kali㉿kali)-[~]
  └─$ sudo apt update && apt upgrade
  

• To install just one program use the following

  ┌──(kali㉿kali)-[~]
  └─$ sudo apt install nmap
  

• git

• to download from github

  ┌──(kali㉿kali)-[~]
  └─$ sudo git clone https://github.com/Dewalt-arch/pimpmykali.git