Basic Linux Commands

From HackOps
Revision as of 08:14, 20 June 2025 by Vegard (talk | contribs) (Replace Text In File Preview)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Linux Commands[edit | edit source]

Linux command‑line tools are the backbone of reconnaissance, exploitation, and post‑exploitation on Unix‑like systems.

Understanding Linux commands provides direct access to system internals, automation, and control. Many security tools and scripts rely on command-line operations for efficiency and precision. In ethical hacking, the ability to navigate filesystems, manage processes, inspect network configurations, and manipulate data through the terminal creates a strong foundation for tasks such as enumeration, privilege escalation, and persistence.

Proficiency with core commands accelerates workflow, reduces reliance on graphical interfaces, and improves situational awareness during engagements. Whether working locally or through remote shells, command-line skills increase control and adaptability across diverse environments.


Common Commands[edit | edit source]

Navigation & File Management[edit | edit source]

Command Description Usage
pwd Print working directory pwd
cd Change directory cd [DIRECTORY]
ls List directory contents ls [OPTIONS] [FILE...]
tree Recursively list directories as tree tree [DIRECTORY]
mkdir Create directory mkdir [OPTIONS] DIRECTORY
rmdir Remove empty directory rmdir DIRECTORY
cp Copy files or directories cp SOURCE DEST
mv Move or rename files/directories mv SOURCE DEST
rm Delete files or directories rm [OPTIONS] FILE...
touch Create empty file or update timestamp touch FILENAME
ln Create hard or symbolic links ln [OPTIONS] TARGET LINK_NAME
stat Display detailed file information stat FILE
file Detect file type file FILE
basename Strip directory and suffix from filename basename PATH
dirname Extract directory part of file path dirname PATH
find Search for files and directories find [PATH] [OPTIONS] [EXPRESSION]
locate Find files using database (faster than find) locate FILENAME
chmod Change file permissions chmod [OPTIONS] MODE FILE
chown Change file ownership (user) chown [OPTIONS] USER FILE
chgrp Change group ownership chgrp [OPTIONS] GROUP FILE
umask Set default file permission mask umask [MASK]
tar Archive files into tarball tar -czf ARCHIVE.tar.gz FILES
gzip Compress files using Gzip gzip FILE
gunzip Decompress Gzip files gunzip FILE.gz
zip Compress files into ZIP archive zip ARCHIVE.zip FILES
unzip Extract ZIP archive unzip ARCHIVE.zip
dd Copy and convert data (low-level) dd if=SOURCE of=DEST bs=BLOCKSIZE
mount Mount a filesystem mount [DEVICE] [MOUNTPOINT]
umount Unmount a filesystem umount [MOUNTPOINT]
namei Follow a file path, showing each component namei PATH
readlink Resolve symbolic link to actual path readlink FILE
realpath Print the resolved absolute file path realpath FILE
mktemp Create a temporary file or directory mktemp [TEMPLATE]

Viewing & Text Processing[edit | edit source]

Command Description Usage
cat Concatenate & display files cat [OPTIONS] FILE...
less Paginate large files less FILE
more View file one page at a time more FILE
head Show first lines of a file head [OPTIONS] FILE
tail Show last lines / follow file tail [OPTIONS] FILE
grep Search for patterns grep [OPTIONS] PATTERN FILE
awk Pattern scanning & processing language awk 'pattern { action }' FILE
sed Stream editor for filtering & transforming text sed [OPTIONS] 'SCRIPT' FILE
cut Remove sections from each line cut [OPTIONS] FILE
tr Translate or delete characters tr SET1 SET2
sort Sort lines of text files sort [OPTIONS] FILE
uniq Filter out repeated lines uniq [OPTIONS] FILE
wc Count lines, words, bytes wc [OPTIONS] FILE
nl Number lines of a file nl FILE
diff Show differences between files diff FILE1 FILE2
tee Read from stdin and write to file and stdout tee FILE

System & User Info[edit | edit source]

Command Description Usage
whoami Show current user whoami
id Display user/group IDs id [USERNAME]
df Disk usage overview df [OPTIONS]
du Show disk usage for files/directories du [OPTIONS] [PATH]
uptime Show how long the system has been running uptime
uname System information (kernel, OS, architecture) uname -a
hostname Show or set system hostname hostname
date Display or set system date/time date
cal Display a calendar cal
env Show environment variables env
set Display shell variables and functions set
history List previously executed commands history
ps Display running processes ps aux
top Real-time system process monitor top
kill Terminate process by PID kill [-9] PID
pkill Kill processes by name pkill PROCESS_NAME
pgrep Search for processes by name pgrep PROCESS_NAME
w Show who is logged in and what they are doing w
who Show who is logged in who
last Show login history last
free Show memory usage free -h

User & Group Management[edit | edit source]

Command Description Usage
useradd Add new user useradd [OPTIONS] USERNAME
usermod Modify existing user usermod [OPTIONS] USERNAME
userdel Remove user userdel [OPTIONS] USERNAME
groupadd Create new group groupadd GROUP
groupdel Delete group groupdel GROUP
passwd Set/modify user password passwd USERNAME

Security & Permissions[edit | edit source]

Command Description Usage
sudo Execute command as another user (root by default) sudo COMMAND
su Switch user context su [USER]
setfacl Set POSIX ACL on files/directories setfacl -m u:USER:rwx FILE
getfacl View POSIX ACL getfacl FILE

Process & Job Control[edit | edit source]

Command Description Usage
jobs List background/paused jobs jobs -l
bg Resume job in background bg %1
fg Bring job to foreground fg %1
nohup Run command immune to hangup nohup COMMAND &
disown Remove job from shell’s job table disown %1
nice Start task with priority nice -n 10 COMMAND
renice Change priority of running PID renice +5 PID

System Monitoring & Performance[edit | edit source]

Command Description Usage
htop Interactive process viewer htop
vmstat Report virtual memory stats vmstat 1
iostat CPU & I/O statistics iostat -xz 1
iotop Real‑time I/O usage iotop
dstat Versatile resource stats dstat -tcm --top-io

Disk & Filesystem Management[edit | edit source]

Command Description Usage
lsblk List block devices lsblk -f
blkid Locate/print block device attributes blkid DEVICE
fdisk Partition table editor (MBR) fdisk /dev/sda
parted Partition tool (GPT/MBR) parted /dev/sda
mkfs Create filesystem on device mkfs.ext4 /dev/sda1
fsck Check/repair filesystem fsck -f /dev/sda1
tune2fs Adjust ext2/3/4 filesystem params tune2fs -l /dev/sda1


Networking[edit | edit source]

Command Description Usage
ping Test network connectivity (ICMP) ping [OPTIONS] DESTINATION
curl Retrieve data from URLs / APIs curl [OPTIONS] URL
ssh Secure remote shell & tunnelling ssh [OPTIONS] USER@HOST

Package & Software Management[edit | edit source]

Command Description Usage
apt Debian/Ubuntu package tool apt update && apt upgrade
dnf Fedora/RHEL package manager dnf install PACKAGE
yum Legacy RHEL/CentOS package tool yum remove PACKAGE
pacman Arch Linux package manager pacman -Syu
dpkg Debian low‑level package tool dpkg -i PACKAGE.deb
rpm RPM low‑level package tool rpm -q PACKAGE
snap Universal package system snap install APP
flatpak Sandboxed app manager flatpak install REMOTE APP

Scripting & Automation[edit | edit source]

Command Description Usage
bash GNU Bourne‑Again Shell #!/usr/bin/env bash
sh POSIX shell sh SCRIPT.sh
crontab Schedule recurring jobs crontab -e
at Schedule one‑time tasks at 02:00
alias Create command shortcuts alias ll='ls -alh'
export Set environment variables export PATH=$PATH:/custom/bin


Help & Documentation[edit | edit source]

Command Description Usage
man Read manual pages man COMMAND
echo Display text / variables echo [STRING]

|}

Examples[edit | edit source]

Print Working Directory[edit | edit source]

pwd
# Output:
# /home/user

↑ Commands

Change Directory[edit | edit source]

cd /var/www
# Output:
# (no output)

↑ Commands

Substitute Text in String[edit | edit source]

echo "Hello world" | sed 's/world/Linux/'
# Output:
# Hello Linux

↑ Commands

List All Files (long + hidden)[edit | edit source]

ls -la
# Output:
# total 12
# drwxr-xr-x  3 user user 4096 May 16 22:15 .
# drwxr-xr-x 18 user user 4096 May 16 21:00 ..
# -rw-r--r--  1 user user    0 May 16 22:15 index.html

↑ Commands

Create Directory[edit | edit source]

mkdir backups
# Output:
# (no output)

↑ Commands

Remove Empty Directory[edit | edit source]

rmdir backups
# Output:
# (no output)

↑ Commands

Copy File[edit | edit source]

cp secrets.txt /tmp/secrets.bak
# Output:
# (no output)

↑ Commands

Move & Rename[edit | edit source]

mv old.log archive/old.log
# Output:
# (no output)

↑ Commands

Force-Delete Directory[edit | edit source]

rm -rf /tmp/testdir
# Output:
# (no output)

↑ Commands

Show File Contents[edit | edit source]

cat /etc/passwd | grep ":/bin/bash"
# Output:
# root:x:0:0:root:/root:/bin/bash
# user:x:1000:1000:User,,,:/home/user:/bin/bash

↑ Commands

View Large Log[edit | edit source]

less /var/log/auth.log
# Output:
# (opens file in pager; press q to quit)

↑ Commands

First 10 Lines[edit | edit source]

head -n 10 notes.txt
# Output:
# Line 1
# Line 2
# Line 3
# Line 4
# Line 5
# Line 6
# Line 7
# Line 8
# Line 9
# Line 10

↑ Commands

Follow File Growth[edit | edit source]

tail -f /var/log/nginx/access.log
# Output:
# 192.168.1.5 - - [16/May/2025:22:30:01 +0200] "GET / HTTP/1.1" 200 1234
# 192.168.1.5 - - [16/May/2025:22:30:02 +0200] "GET /favicon.ico HTTP/1.1" 404 564

↑ Commands

Search Pattern[edit | edit source]

grep -R "passwd" /etc
# Output:
# /etc/login.defs:PASS_MAX_DAYS   99999
# /etc/pam.d/common-password:password requisite pam_pwquality.so retry=3

↑ Commands

Current User[edit | edit source]

whoami
# Output:
# user

↑ Commands

User & Group IDs[edit | edit source]

id
# Output:
# uid=1000(user) gid=1000(user) groups=1000(user),27(sudo)

↑ Commands

Human-Readable Disk Usage[edit | edit source]

df -h
# Output:
# Filesystem      Size  Used Avail Use% Mounted on
# /dev/sda1        30G   12G   17G  42% /

↑ Commands

Show Last 20 Commands[edit | edit source]

history | tail -n 20
# Output:
#  981  ls
#  982  cd /var/www
#  983  vim index.html
# ...
# 1000  exit

↑ Commands

Ping Host 4 Times[edit | edit source]

ping -c 4 example.com
# Output:
# PING example.com (93.184.216.34) 56(84) bytes of data.
# 64 bytes from 93.184.216.34: icmp_seq=1 ttl=56 time=12.3 ms
# 64 bytes from 93.184.216.34: icmp_seq=2 ttl=56 time=12.1 ms
# 64 bytes from 93.184.216.34: icmp_seq=3 ttl=56 time=12.0 ms
# 64 bytes from 93.184.216.34: icmp_seq=4 ttl=56 time=12.2 ms
# --- example.com ping statistics ---
# 4 packets transmitted, 4 received, 0% packet loss, time 3005ms
# rtt min/avg/max/mdev = 12.012/12.173/12.325/0.123 ms

↑ Commands

Download Web Page[edit | edit source]

curl -o index.html http://example.com
# Output:
#   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
#                                  Dload  Upload   Total   Spent    Left  Speed
# 100  1270  100  1270    0     0   2500      0 --:--:-- --:--:-- --:--:--  2500

↑ Commands

SSH on Custom Port[edit | edit source]

ssh -p 2222 user@target
# Output:
# The authenticity of host 'target (192.168.1.50)' can't be established.
# ED25519 key fingerprint is SHA256:abc123...
# Are you sure you want to continue connecting (yes/no/[fingerprint])?

↑ Commands

Read Manual Page[edit | edit source]

man ssh
# Output:
# (opens manual page; press q to quit)

↑ Commands

Write to File[edit | edit source]

echo "hacked" > /tmp/proof.txt
# Output:
# (no output)

↑ Commands

See Also[edit | edit source]

Retrieved from "https://hackops.wiki/index.php?title=Basic_Linux_Commands&oldid=211"