Gus Khawaja - Kali Linux Penetration Testing Bible

To display the hostname of Kali Linux, you simply execute the hostnamecommand in your terminal window:

$hostname root@kali:/# hostname kali

What if you want to change your Kali hostname? Then you will need to edit its configuration file /etc/hostname(enter the desired computer name and don't forget to save and reboot your host).

Knowing the OS information for a Linux host is crucial for privilege escalation. That's how you will know if the version used is vulnerable to privilege escalation (we will talk more about this topic in Chapter 10).

To display the operating system information of a Linux OS (which is Kali Linux in our case), I use the unamecommand, and along with it I display the contents of the /etc/issueconfiguration file:

$uname -a $cat /etc/issue root@kali:/# uname -a Linux kali 5.6.0-kali2-amd64 #1 SMP Debian 5.6.14-2kali1 (2020-06-10) x86_64 GNU/Linux root@kali:/# cat /etc/issue Kali GNU/Linux Rolling \n \l

From time to time, you will probably use special commands related to your PC or VM hardware.

To get the CPU information of your Linux host, you need to open /proc/cpuinfo:

root@kali:/# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 158 model name : Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz stepping : 10 microcode : 0xd6 cpu MHz : 3192.001 cache size : 12288 KB […]

To get the RAM information of your Kali host, then you will need to open the configuration file /proc/meminfo:

root@kali:/# cat /proc/meminfo MemTotal: 8676820 kB MemFree: 6183876 kB MemAvailable: 7781928 kB Buffers: 55444 kB Cached: 1739668 kB SwapCached: 0 kB […]

To display the attached devices (e.g., disk drives, partitions, etc.), then you have a choice of two commands: either fdisk(which displays more information) or lsblk:

$fdisk -l root@kali:/# fdisk -l Disk /dev/sda: 80 GiB, 85899345920 bytes, 167772160 sectors Disk model: VMware Virtual S Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x4a6f3195 Device Boot Start End Sectors Size Id Type /dev/sda1 * 2048 163579903 163577856 78G 83 Linux /dev/sda2 163581950 167770111 4188162 2G 5 Extended /dev/sda5 163581952 167770111 4188160 2G 82 Linux swap / Solaris $lsblk root@kali:/# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 80G 0 disk ⌙sda1 8:1 0 78G 0 part / ⌙sda2 8:2 0 1K 0 part ⌙sda5 8:5 0 2G 0 part [SWAP] sr0 11:0 1 1024M 0 rom

To display the list of USB devices (e.g., mouse, keyboard, USB stick, etc.), then you have to execute the lsusbcommand:

$lsusb root@kali:/# lsusb Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 002 Device 004: ID 0e0f:0008 VMware, Inc. VMware Virtual USB Mouse Bus 002 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub Bus 002 Device 002: ID 0e0f:0003 VMware, Inc. Virtual Mouse Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

To display all the mounted directories into the file system, then you will need to execute the mountcommand:

$mount root@kali:/# mount sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) udev on /dev type devtmpfs (rw,nosuid,noexec,relatime,size=4308020k,nr_inodes=1077005,mode=755) […]

Services are servers that can run on your Kali Linux box, such as SSH, web, FTP, etc.

One of the common tasks in penetration testing is to run a web server on your Kali so you can transfer files to your victim machines (I will go into more details later in this book) after getting a remote shell. So, for example, to start the web server on your Kali Linux (for your information, that's not the only way to start a service, but it's my favorite because it's easy to memorize):

root@kali:/# service apache2 start

Here are the remaining commands that you will need to know about managing services:

To Get the status of a service (started, stopped):

$service [service name] status

$systemctl status [service name]

To start a service:

$service [service name] start

$systemctl start [service name]

To stop a service server:

$service [service name] stop

$systemctl stop [service name]

To restart a service:

$service [service name] restart

$systemctl restart [service name]

To enable a service to start on boot automatically:

$systemctl enable [service name]

To disable a service from automatically starting at boot:

$systemctl disable [service name]

The first thing that you need to know before you update your Kali Linux system is that the configuration file for the Kali repository is located at /etc/apt/sources.list:

root@kali:/# cat /etc/apt/sources.list # # deb cdrom:[Kali GNU/Linux 2020.2rc1 _Kali-last-snapshot_ - Official amd64 DVD Binary-1 with firmware 20200505-14:58]/ kali-rolling contrib main non-free #deb cdrom:[Kali GNU/Linux 2020.2rc1 _Kali-last-snapshot_ - Official amd64 DVD Binary-1 with firmware 20200505-14:58]/ kali-rolling contrib main non-free deb http://http.kali.org/kali kali-rolling main non-free contrib # deb-src http://http.kali.org/kali kali-rolling main non-free contrib

To update your Kali Linux system (like Windows Update), execute the updatecommand first and then the upgradecommand. Take note, these two commands will use the earlier configuration file to download and install the necessary files:

$apt update $apt upgrade -y

We're using the ‐yoption in the upgrade command to ignore the prompts where it asks for input. In other words, we're just saying “yes” in advance.

What is the difference between the upgradeand updatecommands? That's a confusing beginner question, and I'm here to help you start using these two commands with confidence. In summary, the updatecommand only updates the package list with the latest versions, but it does not install or upgrade the package. On the other hand, the upgradecommand will upgrade and install the latest version of packages that were already installed (using the updatecommand).

Now, to use these commands together, you will have to use the &&in between, which will eventually run the first command, and when it's done, it will run the second:

$apt update && apt upgrade -y

To fully upgrade from one release to another, execute the full‐upgradecommand along with the updatecommand.

$apt update && apt full-upgrade -y

Now, to list all the installed software packages on Kali Linux, you'll have to use the dpkgcommand:

$dpkg -l

What about installing a new software (package) on Kali? There are two common ways that I use most of the time. The first one is the apt installcommand, and the second one is dpkg(I use the latter only when I download a file that ends with .debextension).

$apt install [package name] -y $dpkg -i [filename.deb]

In some software packages, they will require you to use the configure/ makeinstallation way, if that's the case, then use the following commands (you must be inside the application directory):

$./configure && make && make install

If you want to remove an existing application from your Kali system, then you use the apt removecommand: