Ethical Hacking Series [Part 2]: Mastering the Linux Command Line

Introduction

Welcome to Part 2 of our Ethical hacking series. In the first part, we set up a virtual lab with Kali Linux and DVWA. Now, we will learn about the command line interface (CLI) of Kali Linux, Important command line tools, Bash Scripting and automation.

Why Learn the Command Line?

The command line is a powerful tool. It lets you communicate with the operating system directly. With it, you can run programs, manage files, and automate tasks. For ethical hackers, mastering the CLI is essential. It helps you work faster and more efficiently.

What is the Command Line Interface (CLI)?

The CLI is a text-based interface. Unlike the graphical user interface (GUI), which uses windows and icons, the CLI uses text commands. You type commands into a terminal to tell the computer what to do. This might seem old-fashioned, but it is very powerful and flexible.

The Importance of the CLI in Kali Linux

Kali Linux is packed with tools for penetration testing and security research. Many of these tools are best used from the command line. Knowing the CLI helps you fully exploit the capabilities of Kali Linux. It also allows you to write scripts that can automate repetitive tasks, making your work more efficient.

By the end of this section, you will feel comfortable using the CLI in Kali Linux. You will be able to navigate the file system, manage files, Create a bash script and run important security tools.

Let’s get started with understanding the basics of the command line interface.

Understanding the Command Line Interface (CLI)

The Command Line Interface (CLI) is a way to interact with your computer using text commands. You type these commands into a terminal, which is a text-based window. The terminal then processes these commands and displays the results.

In Kali Linux, the CLI is crucial. It allows you to access powerful tools and features that might not be available through the graphical user interface (GUI). Many of the hacking and security tools in Kali Linux are designed to be used from the command line. This makes the CLI an essential skill for any ethical hacker.

Using the CLI, you can:

• Run programs and tools
• Manage files and directories
• Configure system settings
• Automate tasks with scripts

Comparison Between CLI and Graphical User Interface (GUI)

The CLI and GUI are two different ways to interact with your computer. Here’s a simple comparison:

Graphical User Interface (GUI):

• Uses windows, icons, and menus.
• Easy to learn and use.
• Good for visual tasks like browsing the web or editing images.
• Slower for repetitive tasks.

Command Line Interface (CLI):

• Uses text commands.
• More difficult to learn but very powerful.
• Excellent for tasks that require precision and repetition.
• Faster for many tasks once you know the commands.

In the GUI, you might click on folders and icons to open files or run programs. In the CLI, you type commands to do the same things. For example:

• To open a folder in the GUI, you double-click it.
• To open a folder in the CLI, you type cd foldername and press Enter.

Each method has its strengths. The GUI is user-friendly and great for beginners. The CLI, though more challenging, offers greater control and efficiency, especially for complex or repetitive tasks.

In ethical hacking, the CLI is often preferred. It allows you to run tools quickly and automate processes. This can save your time and effort.

Significance of the CLI in Kali Linux

In Kali Linux, the CLI is particularly important. Many of the tools in Kali Linux are designed to be used from the command line. These tools allow you to perform tasks such as Scanning networks for vulnerabilities, Exploiting security flaws, and Analysing data packets.

Learning the CLI can seem daunting at first, but with practice, it becomes second nature. As you become more comfortable with the CLI, you’ll find that it opens up a world of possibilities for your ethical hacking activities.

In the next sections, we’ll start with basic commands and gradually move to more advanced topics. By the end, you’ll be well-equipped to use the CLI effectively in Kali Linux. Let’s begin by learning how to navigate the file system using the command line.

Basic Command Line Navigation

Welcome to the basics of command line navigation. Here, we’ll learn how to move around the file system, create and manage directories, and handle files. Let’s start with some fundamental commands.

1. Opening the Terminal:
   To begin, open the terminal. You can do this by clicking the terminal icon on your desktop or by searching for “terminal” in the application menu.
   
   
2. Checking Your Current Directory: pwd
   The first command to learn is pwd, which stands for “print working directory.” This command shows you the current directory you are in. When you type pwd and press Enter, the terminal displays the path of your current directory.
   
3. Listing Files and Directories: ls
   • ls
Typing ls and pressing Enter will list the names of files and directories. 
   • ls -la
     The -l option shows more information, like file permissions, owner, size, and modification date.
4. Changing Directories: cd
   • cd foldername
     To move to a different directory, use the cd command, which stands for “change directory.” Replace foldername with the name of the directory you want to enter.
   • cd ..
     Use this command to go back to the previous directory. The .. symbol represents the parent directory. 
   • cd
     Use this command to go directly to your home directory.
5. Creating Directories: mkdir
   • mkdir newfolder
     To create a new directory, use the mkdir command, which stands for “make directory.” Replace newfolder with the name of the directory you want to create. After creating it, you can navigate into it using cd.
6. Creating and Viewing Files: touch and cat
   • touch filename.txt
     To create an empty file, use the touch command. Replace filename.txt with your desired file name. 
   • cat filename.txt
     To view the contents of a file, use the cat command. If the file has content, cat will display it in the terminal.
     
7. Moving and Renaming Files: mv
   The mv command is used to move or rename files and directories. 
   • mv filename.txt /path/to/destination/
     Replace /path/to/destination/ with the directory path where you want to move the file. 
   • mv oldname.txt newname.txt
     Use this command to rename a file. Replace oldname.txt with the current file name and newname.txt with the new name.
     
8. Deleting Files and Directories: rm and rmdir
   • rm filename.txt
     To delete a file, use the rm command. Be careful with rm, as it permanently deletes files. 
   • rmdir foldername
     To delete an empty directory, use rmdir. To delete a directory and its contents, use rm with the -r (recursive) option.
   • rm -r foldername
     Again, be cautious with this command.
     
     
     

These basic commands are the building blocks of command line navigation. Practice these commands to become more comfortable with the command line. In the next section, we’ll dive deeper into file management and permissions.

Managing Files and Directories

Now, we’ll learn how to work with files and directories in more detail. We’ll cover copying, moving, deleting, and understanding file permissions.

1. Copying Files and Directories: cp
   • cp sourcefile.txt destinationfile.txt
     This command creates a duplicate of the file. Replace sourcefile.txt with the name of the file you want to copy and destinationfile.txt with the name of the new file.
   • cp -r sourcedir destinationdir
     To copy a directory and its contents, use the -r option with cp (recursive copy). Replace sourcedir with the name of the directory you want to copy and destinationdir with the name of the new directory.
2. Viewing and Editing Files: cat, nano, less
   • cat filename.txt
     Use the cat command to see the contents of a file. For larger files, cat might be overwhelming.
   • less filename.txt
     Use less to view files one page at a time.
   • nano filename.txt
     To edit a file, use the nano command, which opens a simple text editor in the terminal. Inside nano, you can navigate with arrow keys, edit the text, and save your changes with Ctrl + O and exit with Ctrl + X.
3. Understanding File Permissions: ls -l and chmod
   File permissions control who has the ability to read, write, and execute a file
   • ls -l filename.txt
     The output will look like this:
     -rw-r--r-- 1 user group 4096 Jan  1 12:00 filename.txt
     The first part, -rw-r--r--, represents the file permissions:
     - : indicates a regular file (could be d for directory).
     rw- : the owner (user) can read and write.
     r-- : the group can read.
     r-- : others can read.
   • chmod u+x filename.txt
     To change file permissions, use the chmod command. Use the above command to give the owner execute permission.
     
   • chmod 755 filename.txt
     To set specific permissions, use numeric codes. Use the above command to set read, write, and execute permissions for the owner, and read and execute for others.
4. Changing File Ownership: chown
   • sudo chown newuser filename.txt
     Use the chown command to change the owner of a file or directory.
   • sudo chown newuser:newgroup filename.txt
     Use this command to change both the owner and the group.

Managing files and directories is a crucial skill in the command line. With commands like cp, mv, rm, rmdir, cat, nano, less, chmod, and chown, you can effectively handle your files and directories. Practice these commands to get comfortable with file management in Kali Linux. In the next section, we’ll look at system administration tasks. Stay tuned!

System Administration Commands

In this section of mastering the command line, we’ll cover essential system administration commands. These commands help you manage processes, disk usage, and package installations. Understanding these commands is crucial for maintaining and troubleshooting your system.

1. Managing Processes
   Viewing Processes: ps
   The ps command shows a snapshot of the current processes running on your system.
   ps
   
   For more detailed information, use ps aux.
   ps aux
   This displays a list of all processes with details like user, PID (process ID), CPU usage, and memory usage.
2. Monitoring Processes: top
   The top command provides a real-time view of running processes.
   top
   It shows the most resource-intensive processes at the top. Press q to exit top.
3. Stopping Processes: kill
   To stop a process, use the kill command followed by the process ID (PID).
   kill PID
   Replace PID with the actual process ID. 
   
   To forcefully stop a process, use:
   kill -9 PID
4. Disk Usage and Space Management
   Checking Disk Space: df
   The df command displays disk space usage of file systems.
   df
   
   For more readable output, use the -h (human-readable) option.
   df -h
5. Checking Directory Sizes: du
   The du command shows the disk usage of files and directories.
   du
   
   To see the total size of a directory, use:
   du -sh dirname
   Replace dirname with the name of your directory.
6. Package Management with APT
   • Updating Package Lists: apt-get update
     Before installing or upgrading packages, update the package lists.
     sudo apt-get update
   • Upgrading Packages: apt-get upgrade
     To upgrade all installed packages to the latest versions, use:
     sudo apt-get upgrade
   • Installing Packages: apt-get install
     To install a new package, use:
     sudo apt-get install packagename
     Replace packagename with the name of the package you want to install.
   • Removing Packages: apt-get remove
     To remove an installed package, use:
     sudo apt-get remove packagename
7. System Information
   • Viewing System Information: name
     The uname command shows system information.
     uname
     For more detailed information, use the -a option.
     uname -a
   • Viewing Memory Usage: free
     The free command displays the amount of free and used memory in the system.
     free
     For human-readable format, use:
     free -h
   • Viewing System Uptime: uptime
     The uptime command shows how long the system has been running.
     uptime
8. Network Management
   • Viewing Network Interfaces: ifconfig
     The ifconfig command displays network interface information.
     ifconfig
     Viewing Network Interfaces: ifconfig
     The ifconfig command displays network interface information.
     ifconfig
     
     To see the new format, you can use:
     ip a
   • Checking Connectivity: ping
     The ping command checks the network connection to a host.
     ping example.com
     Replace example.com with the address you want to check.

These system administration commands are essential for managing and maintaining your Command Line Interface i.e., Kali Linux. Commands like ps, top, kill, df, du, apt-get, uname, free, uptime, ifconfig, and ping will help you monitor processes, manage disk space, handle packages, view system information, and manage networks. In the next section, we will explore networking commands in more detail.

Networking Commands

In this section, we’ll explore essential networking commands in the command line. These commands help you manage network interfaces, check connectivity, and diagnose network issues. Understanding these commands is crucial for any network-related tasks.

1. Viewing Network Interfaces
   • ifconfig
     The ifconfig command shows detailed information about your network interfaces. This command displays the IP address, netmask, and other details of each network interface.
   • IP
     The ip command is a more modern tool for viewing and configuring network interfaces. 
     To display interface information, use:
     ip a
     This provides similar information to ifconfig.
2. Checking Connectivity
   • ping
     The ping command checks the network connection to a host. It sends packets to the specified address and waits for a reply.
     ping example.com
     Replace example.com with the address you want to check. Press Ctrl + C to stop the ping command.
   • traceroute
     The traceroute command shows the path packets take to reach a destination. It helps diagnose where a connection is slow or failing.
     traceroute example.com
     Replace example.com with the address you want to trace.

3. Managing Network Configuration
   • dhclient
     The dhclient command requests an IP address from a DHCP server. Use this command to configure your network interface to obtain an IP address automatically.
     sudo dhclient eth0
     Replace eth0 with the name of your network interface.
   • netstat
     The netstat command displays network connections, routing tables, and interface statistics.
     For more detailed information, use the -r option to view the routing table.
     netstat -r

4. Diagnosing Network Issues
   • nslookup
     The nslookup command queries DNS to find the IP address associated with a domain name.
     nslookup example.com
     Replace example.com with the domain name you want to look up.
   • dig
     The dig command provides more detailed DNS information than nslookup.
     dig example.com
     Replace example.com with the domain name you want to query.
   • route
     The route command shows and manipulates the IP routing table. 
     To view the current routing table, use:
     route -n

5. Capturing Network Traffic
   • tcpdump
     The tcpdump command captures and analyzes network traffic. It’s a powerful tool for troubleshooting network issues.
     sudo tcpdump -i eth0
     Replace eth0 with the name of your network interface. Press Ctrl + C to stop capturing.
   • wireshark
     Wireshark is a graphical tool for capturing and analyzing network traffic. 
     To use Wireshark, install it and start the application:
     sudo apt-get install wireshark
sudo wireshark
     Use the interface to start capturing traffic and analyze packets in real-time.

6. Testing Network Ports
   
   • netcat
     The netcat command, often referred to as nc, is a versatile tool for reading and writing data across network connections. 
     To check if a port is open on a remote host, use:
     nc -zv example.com 80
     Replace example.com with the host and 80 with the port number you want to test.

These networking commands are essential for managing and troubleshooting network connections in Kali Linux. Commands like ifconfig, ip, ping, traceroute, dhclient, netstat, nslookup, dig, route, tcpdump, wireshark, and netcat will help you handle network interfaces, check connectivity, and diagnose network issues. In the next section, we will explore using command line tools for hacking.

Using Command Line Tools for Hacking

In this section, we will explore various command line tools used for hacking. These tools are powerful for penetration testing and security analysis. We’ll cover tools for network scanning, vulnerability analysis, password cracking, and more. Each command line tool will be explained with detailed steps and examples.

1. Network Scanning
   
   • nmap
     nmap (Network Mapper) is a powerful tool for network discovery and security auditing. It can be used to discover hosts and services on a network.
   • nmap 192.168.1.0/24
     Replace 192.168.1.0/24 with your target network range. This command scans all the IP addresses in the specified range and lists the active ones. It is a basic scan of a network.
   • nmap example.com
     Replace example.com with the IP address or domain name of the target host. This command provides a list of open ports and the services running on them. It is used to scan a specific host.
   • nmap -sV example.com
     This command attempts to determine the versions of the services running on the open ports. It can be used for a more detailed scan that includes service detection.
   • netdiscover
     netdiscover is a passive network discovery tool. It can be used to find live hosts on a network without sending much traffic, making it harder to detect.
   • sudo netdiscover -r 192.168.1.0/24
     Replace 192.168.1.0/24 with your target network range. This command lists the IP addresses and MAC addresses of the devices on the network. It is used to perform a network discovery.
2. Vulnerability Analysis
   • nikto
     nikto is a web server scanner that tests for many dangerous files, outdated server software, and other issues. It is a useful tool for finding vulnerabilities in web servers.
   • nikto -h http://example.com
     Replace http://example.com with your target website. nikto will analyze the web server for potential vulnerabilities and provide a detailed report. It is used to scan a web server.
   • wpscan
     wpscan is a WordPress security scanner. It can be used to find vulnerabilities in WordPress installations, such as outdated plugins, weak passwords, and more.
   • wpscan --url http://example.com
     Replace http://example.com with your target WordPress site. It is used to scan a WordPress site. wpscan will check for known vulnerabilities and list potential issues.
3. Password Cracking
   • john
     
     john (John the Ripper) is a fast password cracker. It is used to detect weak passwords by attempting to crack password hashes.
   • john --wordlist=/path/to/wordlist.txt hashfile
     Replace /path/to/wordlist.txt with the path to your wordlist and hashfile with the file containing password hashes. It is used to crack a password hash. john will try each word in the wordlist against the hash.
   • hydra
     hydra is a parallelized login cracker. It supports numerous protocols to attack, such as SSH, FTP, and HTTP.
   • hydra -l username -P /path/to/passwordlist.txt ssh://192.168.1.1
     Replace username with the target username, /path/to/passwordlist.txt with your password list, and 192.168.1.1 with your target IP address. hydra will attempt to log in with each password in the list. It is used to perform a basic brute-force attack on an SSH server.
4. Wireless Network Attacks
   • Aircrack-ng
     aircrack-ng is a suite of tools for auditing wireless networks. It can be used to capture and analyze packets, and to crack WEP and WPA-PSK keys.
     
   • sudo airodump-ng wlan0
     Replace wlan0 with your wireless interface. It is used to start capturing packets. This command will display nearby wireless networks and their details.
   • aircrack-ng -w /path/to/wordlist.txt -b 00:11:22:33:44:55 capturefile.cap
     Replace /path/to/wordlist.txt with your wordlist, 00:11:22:33:44:55 with the target BSSID, and capturefile.cap with the file containing captured packets. It is used to crack a WPA/WPA2-PSK key. aircrack-ng will try each word in the wordlist to find the key.
5. Exploitation
   • msfconsole
     This command opens the Metasploit console, where you can search for and use exploits. msfconsole is the command line interface for the Metasploit Framework, a powerful tool for developing and executing exploit code.
     
   • search name:exploit_name
     Use this command to search for an exploit. Replace exploit_name with the name of the exploit you are looking for.
   • use exploit/path/to/exploit
     Type this to use an exploit.
   • set RHOST 192.168.1.1
     Then, set the target host. Replace 192.168.1.1 with the target IP address.
   • exploit
     Finally, run the exploit with this command.

These command line tools are essential for hacking and penetration testing in Kali Linux. Tools like nmap, netdiscover, nikto, wpscan, john, hydra, aircrack-ng, and msfconsole allow you to perform network scanning, vulnerability analysis, password cracking, wireless network attacks, and exploitation. In the next section, we will explore writing and executing scripts for automation.

Scripting and Automation

In this section, we will explore how to use scripting and automation to streamline repetitive tasks in your command line i.e., Kali Linux. Scripts can save time and reduce errors. We will focus on Bash scripting, a powerful way to automate command line tasks. This section will teach you how to create scripts, make them executable, and automate various tasks using these scripts.

Bash is a Unix shell and command language. Writing scripts in Bash can automate many tasks, from file management to network operations.

1. Creating a Simple Bash Script

To create a Bash script, follow these steps:

1. Open a Text Editor:

Open a text editor like nano, vi, or gedit in your command line. For this tutorial, we’ll use nano.

nano hello.sh

2. Write Your Script:

Type the following lines into the text editor:

#!/bin/bash
echo "Hello, World!"

• #!/bin/bash is called a shebang. It tells the system that this script should be run using the Bash shell.
• echo “Hello, World!” is a command that prints “Hello, World!” to the terminal.

3. Save and Exit:

Save the file and exit the text editor. In nano, you can do this by pressing Ctrl + X, then Y to confirm, and Enter to save.

2. Making the Script Executable

To run the script, it needs to be executable. Use the chmod command to change its permissions:

chmod +x hello.sh

Now, you can run the script:

./hello.sh

This will output: ‘Hello, World!’

3. Automating Tasks with Scripts

Scripts can be used to automate a variety of tasks on your command line. Let’s create some scripts to illustrate this.

Script 1. Backup Script

Automating backups can save time and ensure your data is always safe.

1. Create the Backup Script:

nano backup.sh

2. Write the Script:

#!/bin/bash
# Backup Script
src="/path/to/source"
dest="/path/to/destination"
date=$(date +%Y%m%d)
backup_file="backup-$date.tar.gz"
tar -czf $dest/$backup_file $src
echo "Backup completed: $backup_file"

• src=”/path/to/source” and dest=”/path/to/destination” are variables that store the source and destination directories.
• date=$(date +%Y%m%d) stores the current date in YYYYMMDD format.
• tar -czf $dest/$backup_file $src creates a compressed archive of the source directory.

3. Save and Make the Script Executable:

chmod +x backup.sh

4. Run the Script:

./backup.sh

This script creates a backup of the specified directory and saves it with a date-stamped filename.

5. Scheduling the Script

To run the backup script automatically, use cron, a time-based job scheduler in your command line.

Edit Cron Jobs:

crontab -e

6. Add a Line to Schedule the Script:

For example, to run it daily at midnight:

0 0 * * * /path/to/backup.sh

This line tells cron to run the script at midnight every day.

Script 2. Network Scan Script

Automate network scanning with nmap.

1. Create the Network Scan Script:

nano network_scan.sh

2. Write the Script:

#!/bin/bash
# Network Scan Script
network="192.168.1.0/24"
output="scan-results.txt"
nmap -sP $network > $output
echo "Network scan completed. Results saved to $output."

• network=”192.168.1.0/24″ specifies the target network.
• nmap -sP $network > $output runs the nmap scan and saves the results to scan-results.txt.

3. Save and Make the Script Executable:

chmod +x network_scan.sh

4. Run the Script:

./network_scan.sh

This script scans the specified network and saves the results to a file.

Script 3. Vulnerability Scan Script

Automate web server vulnerability scanning with nikto.

1. Create the Vulnerability Scan Script:

nano vuln_scan.sh

2. Write the Script:

#!/bin/bash
# Vulnerability Scan Script
host="http://example.com"
output="nikto-results.txt"
nikto -h $host -o $output
echo "Vulnerability scan completed. Results saved to $output."

• host=”http://example.com” specifies the target web server.
• nikto -h $host -o $output runs the nikto scan and saves the results to nikto-results.txt.

3. Save and Make the Script Executable:

chmod +x vuln_scan.sh

4. Run the Script:

./vuln_scan.sh

This script scans a web server for vulnerabilities and saves the results to a file.

Script 4. Password Cracking Automation

Automate password cracking with john.

1. Create the Password Cracking Script:

nano crack_password.sh

2. Write the Script:

#!/bin/bash
# Password Cracking Script
wordlist="/path/to/wordlist.txt"
hashfile="hashes.txt"
john --wordlist=$wordlist $hashfile
echo "Password cracking completed."

• wordlist=”/path/to/wordlist.txt” specifies the path to the wordlist.
• john –wordlist=$wordlist $hashfile runs john with the specified wordlist and hash file.

3. Save and Make the Script Executable:

chmod +x crack_password.sh

4. Run the Script:

./crack_password.sh

This script attempts to crack the passwords in the specified hash file using the provided wordlist.

Scripting and automation are powerful techniques to streamline tasks in Kali Linux. By writing Bash scripts, you can automate backups, network scans, vulnerability assessments, and more. In the next section, we will explore advanced scripting techniques.

Conclusion

Throughout this guide, we’ve explored how you can master the Command line by learning command line tools, Bash scripting and automation. Bash Scripts can simplify and streamline various tasks in Kali Linux. From creating simple scripts to automate backups to writing complex scripts for network scanning and vulnerability assessments, we’ve covered a lot.

Learning command line tools, Bash scripting and automation are essential skills for anyone involved in hacking or cybersecurity. They not only make your tasks easier and more efficient but also enhance your ability to manage and secure systems effectively. By mastering these skills, you can automate routine tasks, respond quickly to security threats, and maintain a proactive security posture. Keep practising, exploring, and improving your scripting abilities to become a more proficient and effective cybersecurity professional.

Thank you for following along in this guide. We hope it has provided you with practical skills in Command Line tools, Bash scripting and automation. Stay tuned for more tutorials and advanced topics in our series. Happy scripting!