Basic Linux Commands: Difference between revisions
Jump to navigation
Jump to search
| Line 71: | Line 71: | ||
|- | |- | ||
| [[#ex-umount|<code>umount</code>]] || Unmount a filesystem || <code>umount [MOUNTPOINT]</code> | | [[#ex-umount|<code>umount</code>]] || Unmount a filesystem || <code>umount [MOUNTPOINT]</code> | ||
|- | |||
| [[#ex-namei|<code>namei</code>]] || Follow a file path, showing each component || <code>namei PATH</code> | |||
|- | |||
| [[#ex-readlink|<code>readlink</code>]] || Resolve symbolic link to actual path || <code>readlink FILE</code> | |||
|- | |||
| [[#ex-realpath|<code>realpath</code>]] || Print the resolved absolute file path || <code>realpath FILE</code> | |||
|- | |- | ||
| [[#ex-mktemp|<code>mktemp</code>]] || Create a temporary file or directory || <code>mktemp [TEMPLATE]</code> | | [[#ex-mktemp|<code>mktemp</code>]] || Create a temporary file or directory || <code>mktemp [TEMPLATE]</code> | ||
Revision as of 21:29, 16 May 2025
Linux Commands
Linux command‑line tools are the backbone of reconnaissance, exploitation, and post‑exploitation on Unix‑like systems.
Understanding Linux commands provides direct access to system internals, automation, and control. Many security tools and scripts rely on command-line operations for efficiency and precision. In ethical hacking, the ability to navigate filesystems, manage processes, inspect network configurations, and manipulate data through the terminal creates a strong foundation for tasks such as enumeration, privilege escalation, and persistence.
Proficiency with core commands accelerates workflow, reduces reliance on graphical interfaces, and improves situational awareness during engagements. Whether working locally or through remote shells, command-line skills increase control and adaptability across diverse environments.
Common Commands
| Command | Description | Usage |
|---|---|---|
pwd |
Print working directory | pwd
|
cd |
Change directory | cd [DIRECTORY]
|
ls |
List directory contents | ls [OPTIONS] [FILE...]
|
tree |
Recursively list directories as tree | tree [DIRECTORY]
|
mkdir |
Create directory | mkdir [OPTIONS] DIRECTORY
|
rmdir |
Remove empty directory | rmdir DIRECTORY
|
cp |
Copy files or directories | cp SOURCE DEST
|
mv |
Move or rename files/directories | mv SOURCE DEST
|
rm |
Delete files or directories | rm [OPTIONS] FILE...
|
touch |
Create empty file or update timestamp | touch FILENAME
|
ln |
Create hard or symbolic links | ln [OPTIONS] TARGET LINK_NAME
|
stat |
Display detailed file information | stat FILE
|
file |
Detect file type | file FILE
|
basename |
Strip directory and suffix from filename | basename PATH
|
dirname |
Extract directory part of file path | dirname PATH
|
find |
Search for files and directories | find [PATH] [OPTIONS] [EXPRESSION]
|
locate |
Find files using database (faster than find) | locate FILENAME
|
chmod |
Change file permissions | chmod [OPTIONS] MODE FILE
|
chown |
Change file ownership (user) | chown [OPTIONS] USER FILE
|
chgrp |
Change group ownership | chgrp [OPTIONS] GROUP FILE
|
umask |
Set default file permission mask | umask [MASK]
|
tar |
Archive files into tarball | tar -czf ARCHIVE.tar.gz FILES
|
gzip |
Compress files using Gzip | gzip FILE
|
gunzip |
Decompress Gzip files | gunzip FILE.gz
|
zip |
Compress files into ZIP archive | zip ARCHIVE.zip FILES
|
unzip |
Extract ZIP archive | unzip ARCHIVE.zip
|
dd |
Copy and convert data (low-level) | dd if=SOURCE of=DEST bs=BLOCKSIZE
|
mount |
Mount a filesystem | mount [DEVICE] [MOUNTPOINT]
|
umount |
Unmount a filesystem | umount [MOUNTPOINT]
|
namei |
Follow a file path, showing each component | namei PATH
|
readlink |
Resolve symbolic link to actual path | readlink FILE
|
realpath |
Print the resolved absolute file path | realpath FILE
|
mktemp |
Create a temporary file or directory | mktemp [TEMPLATE]
|
Viewing & Text Processing
| Command | Description | Usage |
|---|---|---|
cat |
Concatenate & display files | cat [OPTIONS] FILE...
|
less |
Paginate large files | less FILE
|
more |
View file one page at a time | more FILE
|
head |
Show first lines of a file | head [OPTIONS] FILE
|
tail |
Show last lines / follow file | tail [OPTIONS] FILE
|
grep |
Search for patterns | grep [OPTIONS] PATTERN FILE
|
awk |
Pattern scanning & processing language | awk 'pattern { action }' FILE
|
sed |
Stream editor for filtering & transforming text | sed [OPTIONS] 'SCRIPT' FILE
|
cut |
Remove sections from each line | cut [OPTIONS] FILE
|
tr |
Translate or delete characters | tr SET1 SET2
|
sort |
Sort lines of text files | sort [OPTIONS] FILE
|
uniq |
Filter out repeated lines | uniq [OPTIONS] FILE
|
wc |
Count lines, words, bytes | wc [OPTIONS] FILE
|
nl |
Number lines of a file | nl FILE
|
diff |
Show differences between files | diff FILE1 FILE2
|
tee |
Read from stdin and write to file and stdout | tee FILE |
System & User Info
| Command | Description | Usage |
|---|---|---|
whoami |
Show current user | whoami
|
id |
Display user/group IDs | id [USERNAME]
|
df |
Disk usage overview | df [OPTIONS]
|
du |
Show disk usage for files/directories | du [OPTIONS] [PATH]
|
uptime |
Show how long the system has been running | uptime
|
uname |
System information (kernel, OS, architecture) | uname -a
|
hostname |
Show or set system hostname | hostname
|
date |
Display or set system date/time | date
|
cal |
Display a calendar | cal
|
env |
Show environment variables | env
|
set |
Display shell variables and functions | set
|
history |
List previously executed commands | history
|
ps |
Display running processes | ps aux
|
top |
Real-time system process monitor | top
|
kill |
Terminate process by PID | kill [-9] PID
|
pkill |
Kill processes by name | pkill PROCESS_NAME
|
pgrep |
Search for processes by name | pgrep PROCESS_NAME
|
w |
Show who is logged in and what they are doing | w
|
who |
Show who is logged in | who
|
last |
Show login history | last
|
free |
Show memory usage | free -h
|
User & Group Management
| Command | Description | Usage |
|---|---|---|
useradd |
Add new user | useradd [OPTIONS] USERNAME
|
usermod |
Modify existing user | usermod [OPTIONS] USERNAME
|
userdel |
Remove user | userdel [OPTIONS] USERNAME
|
groupadd |
Create new group | groupadd GROUP
|
groupdel |
Delete group | groupdel GROUP
|
passwd |
Set/modify user password | passwd USERNAME
|
Security & Permissions
| Command | Description | Usage |
|---|---|---|
sudo |
Execute command as another user (root by default) | sudo COMMAND
|
su |
Switch user context | su [USER]
|
setfacl |
Set POSIX ACL on files/directories | setfacl -m u:USER:rwx FILE
|
getfacl |
View POSIX ACL | getfacl FILE
|
Process & Job Control
| Command | Description | Usage |
|---|---|---|
jobs |
List background/paused jobs | jobs -l
|
bg |
Resume job in background | bg %1
|
fg |
Bring job to foreground | fg %1
|
nohup |
Run command immune to hangup | nohup COMMAND &
|
disown |
Remove job from shell’s job table | disown %1
|
nice |
Start task with priority | nice -n 10 COMMAND
|
renice |
Change priority of running PID | renice +5 PID
|
System Monitoring & Performance
| Command | Description | Usage |
|---|---|---|
htop |
Interactive process viewer | htop
|
vmstat |
Report virtual memory stats | vmstat 1
|
iostat |
CPU & I/O statistics | iostat -xz 1
|
iotop |
Real‑time I/O usage | iotop
|
dstat |
Versatile resource stats | dstat -tcm --top-io
|
Disk & Filesystem Management
| Command | Description | Usage |
|---|---|---|
lsblk |
List block devices | lsblk -f
|
blkid |
Locate/print block device attributes | blkid DEVICE
|
fdisk |
Partition table editor (MBR) | fdisk /dev/sda
|
parted |
Partition tool (GPT/MBR) | parted /dev/sda
|
mkfs |
Create filesystem on device | mkfs.ext4 /dev/sda1
|
fsck |
Check/repair filesystem | fsck -f /dev/sda1
|
tune2fs |
Adjust ext2/3/4 filesystem params | tune2fs -l /dev/sda1
|
Networking
| Command | Description | Usage |
|---|---|---|
ping |
Test network connectivity (ICMP) | ping [OPTIONS] DESTINATION
|
curl |
Retrieve data from URLs / APIs | curl [OPTIONS] URL
|
ssh |
Secure remote shell & tunnelling | ssh [OPTIONS] USER@HOST
|
Package & Software Management
| Command | Description | Usage |
|---|---|---|
apt |
Debian/Ubuntu package tool | apt update && apt upgrade
|
dnf |
Fedora/RHEL package manager | dnf install PACKAGE
|
yum |
Legacy RHEL/CentOS package tool | yum remove PACKAGE
|
pacman |
Arch Linux package manager | pacman -Syu
|
dpkg |
Debian low‑level package tool | dpkg -i PACKAGE.deb
|
rpm |
RPM low‑level package tool | rpm -q PACKAGE
|
snap |
Universal package system | snap install APP
|
flatpak |
Sandboxed app manager | flatpak install REMOTE APP
|
Scripting & Automation
| Command | Description | Usage |
|---|---|---|
bash |
GNU Bourne‑Again Shell | #!/usr/bin/env bash
|
sh |
POSIX shell | sh SCRIPT.sh
|
crontab |
Schedule recurring jobs | crontab -e
|
at |
Schedule one‑time tasks | at 02:00 |
alias |
Create command shortcuts | alias ll='ls -alh'
|
export |
Set environment variables | export PATH=$PATH:/custom/bin
|
Help & Documentation
| Command | Description | Usage |
|---|---|---|
man |
Read manual pages | man COMMAND
|
echo |
Display text / variables | echo [STRING]
|
|}
Examples
Print Working Directory
pwdChange Directory
cd /var/wwwls -laCreate Directory
mkdir backupsRemove Empty Directory
rmdir backupsCopy File
cp secrets.txt /tmp/secrets.bakMove & Rename
mv old.log archive/old.logForce‑Delete Directory
rm -rf /tmp/testdirShow File Contents
cat /etc/passwd | grep ":/bin/bash"View Large Log
less /var/log/auth.logFirst 10 Lines
head -n 10 notes.txtFollow File Growth
tail -f /var/log/nginx/access.logSearch Pattern
grep -R \"passwd\" /etcCurrent User
whoamiUser & Group IDs
idHuman‑Readable Disk Usage
df -hShow Last 20 Commands
history | tail -n 20Ping Host 4 Times
ping -c 4 example.comDownload Web Page
curl -o index.html http://example.comSSH on Custom Port
ssh -p 2222 user@targetRead Manual Page
man sshWrite to File
echo \"hacked\" > /tmp/proof.txt