Gus Khawaja - Kali Linux Penetration Testing Bible

We appreciate your input and questions about this book! Email the author at gus.khawaja@guskhawaja.me, or message him on Twitter at @GusKhawaja.

Kali Linux can be summarized in two simple words: terminal window. If you master your terminal window skills, then you will be one of those elite ethical hackers. In this chapter, you will learn all the essentials of the terminal window so you can start using Kali Linux like a boss.

If you already know how to manage the terminal window, please use this chapter as a reference, or maybe go over it quickly in case there is something new that you haven't learned before. The main goal of this chapter is not only to show you the commands of Kali Linux but to help you deeply understand it through practical examples.

Kali Linux is a Debian‐based operating system developed by Offensive Security, so if you're used to Ubuntu, for example, the commands in the terminal window will look the same since Debian and Kali share an equal distribution.

Here's what this chapter covers:

Kali Linux file system

Terminal window basics

Managing users and groups

Manipulating files and folders

Handling remote connections

Kali Linux system management

Dealing with networking in Kali Linux

Understanding the structure of the file system in Kali Linux is crucial. The directory structure of your Kali OS is based on the Unix Filesystem Hierarchy Standard (FHS), and that's how the directories are structured inside Kali Linux. In Windows, the root directory is C:\, but in Kali Linux, it's a forward slash ( /). Do not confuse the term root directory with the root user's home directory, which is /root, because they are two different things; the latter is the home directory for the root user. Speaking about the root user, it's essential to understand that this user is the equivalent to the Administrator user on Windows operating systems. In the Kali 2020.1 release, Offensive Security introduced the nonroot user by default, which means that you'll need to execute the sudocommand if you want to run high‐privilege tools.

To get a visual representation of the Kali Linux file system directories, open the terminal window and execute the lscommand to list the contents of the root system directory. Take note that by default you will be in the user home directory. To change it, you must execute the cd /command:

kali@kali:~$ cd / kali@kali:/$ ls bin boot dev etc home initrd.img initrd.img.old lib lib32 lib64 libx32 lost+found media mnt opt proc root run sbin srv sys tmp usr var vmlinuz vmlinuz.old

/bin (binaries): This directory holds Linux binaries like the ls command that we executed earlier.

/sbin (system binaries): This directory contains system binary files that serve as administrative commands (e.g., fdisk ).

/ boot : This directory contains the Linux bootloader files.

/ dev (devices): This directory contains the device configuration files (e.g., /dev/null ).

/ sys : This is similar to /dev , which contains configurations about devices and drivers.

/ etc (etcetera): This directory contains all the administration system files (e.g., /etc/passwd shows all the system users in Kali).

/ lib (libraries): This directory contains the shared libraries for the binaries inside /bin and /sbin .

/ proc (processes): This directory holds the processes and kernel information files.

/ lost+found : As the name says, this directory contains the files that have been recovered.

/ mnt (mount): This directory contains the mounted directories (e.g., a remote file share).

/ media : This directory holds the removable media mounted directories (e.g., DVD).

/ opt (option): This directory is used for add‐on software package installation. Also, it is used when installing software by users (e.g., hacking tools that you download from GitHub).

/ tmp (temporary): This is a temporary folder used temporarily; the contents are wiped after each reboot. The tmp folder is a good place to download your tools for privilege escalation once you get a limited shell.

/ usr (user): This directory contains many subdirectories. In fact, /usr/share is a folder that you need to memorize because most of the tools that you use in Kali Linux (e.g., Nmap, Metasploit, etc.) are stored there, and it contains the wordlists dictionary files ( /usr/share/wordlists/ ).

/ home : This is the home for Kali Linux users (e.g., /home/john/ ).

/ root : This is the root user home directory.

/ srv (serve): This folder holds some data related to system server functionalities (e.g., data for FTP servers).

/ var (variable): This folder holds variable data for databases, logs, and websites. For example, /var/www/html/ contains the files for the Apache web server.

/ run (runtime): This directory contains runtime system data (e.g., currently logged‐in users).

There are lots of common commands that we use as penetration testers on a daily basis. Many of these commands will be listed in the upcoming sections or later in this book. In this section, you will see all the general standard tools that I personally use frequently. You will also learn the basic commands that are identified for general use.

First, to open the terminal window from the desktop, you can use the Ctrl+Alt+T key combination instead of opening the application from its icon using the mouse cursor.

If you want to get help for any command that you want to execute, just append ‐hor ‐ ‐ helpto it (some commands require you to use only one of them). For example, if you want to see the different options for the catcommand, just type cat ‐‐helpin your terminal window to get all the help needed regarding this tool. In the next command ( cat ‐h), you'll see that the ‐hoption does not work for the catcommand. Instead, I used the ‐ ‐helpoption. (The catcommand is used frequently to display the contents of a text file in the terminal window.)

kali@kali:~$ cat -h cat: invalid option -- 'h' Try 'cat --help' for more information. kali@kali:~$ cat --help Usage: cat [OPTION]… [FILE]… Concatenate FILE(s) to standard output. With no FILE, or when FILE is -, read standard input. -A, --show-all equivalent to -vET -b, --number-nonblank number nonempty output lines, overrides -n -e equivalent to -vE -E, --show-ends display $ at end of each line -n, --number number all output lines -s, --squeeze-blank suppress repeated empty output lines -t equivalent to -vT -T, --show-tabs display TAB characters as ^I -u (ignored) -v, --show-nonprinting use ^ and M- notation, except for LFD and TAB --help display this help and exit --version output version information and exit Examples: cat f - g Output f's contents, then standard input, then g's contents. cat Copy standard input to standard output. GNU coreutils online help: Full documentation at: or available locally via: info '(coreutils) cat invocation'

To clear the terminal window text, execute the clearcommand or press Ctrl+L to get the job done.

To open a new terminal window tab, from your current terminal session press Ctrl+Shift+T.

To complete the input (e.g., a filename or a command name) automatically, I use the Tab key. What if multiple files start with the same text? Then, if you hit Tab twice, the terminal window will display all the options in place. (The best way to understand this chapter is to open the terminal window and practice while reading the instructions.)