Linux For Pentester
Linux For Pentester
Table of Contents
Abstract ............................................................................................................................................ 3
Linux Basics ..................................................................................................................................... 4
Why use Linux for pentesting?........................................................................................ 4
Basic Linux Commands ...................................................................................................... 4
Text manipulation ............................................................................................................ 12
Installing and Removing Softwares .............................................................................. 15
Updating the repository .................................................................................................. 17
Playing with Permissions ................................................................................................ 19
Networks & Process Management .............................................................................................. 23
Managing Networks ........................................................................................................... 23
Process Management ........................................................................................................ 28
User Environment Variables .......................................................................................... 32
Bash Scripting, automation and Linux Services.......................................................................... 35
Bash Scripting Basics ........................................................................................................ 35
Scheduling Your Tasks ..................................................................................................... 39
Using Services in Linux.................................................................................................... 42
Conclusion ...................................................................................................................................... 48
References ..................................................................................................................................... 48
Page | 2
Michael Tchuindjang Credits to Hacking Articles
Abstract
Linux is an open-source operating system known for its flexibility, security, and
robustness. It has become the go-to choose for many cybersecurity professionals
and enthusiasts due to its vast array of tools and its adaptability to various
pentesting scenarios.
In this report, we'll explore the fundamentals of Linux, its relevance in the field of
cybersecurity, and how it can be effectively used for conducting penetration tests.
Whether you're new to Linux or an experienced user looking to enhance your
penetration testing skills, this report aims to provide you with valuable insights and
practical knowledge to navigate the world of Linux for pentesting effectively.
Disclaimer: This report is provided for educational and informational
purpose only (Penetration Testing). Penetration Testing refers to legal
intrusion tests that aim to identify vulnerabilities and improve cybersecurity,
rather than for malicious purposes.
Page | 3
Michael Tchuindjang Credits to Hacking Articles
Linux Basics
Linux offers a far higher level of control of the operating system, not to mention that it is open
source. This also makes Linux transparent and easier to understand. Before we try to “hack”
anything, it is a must to know how it works, this is why transparency in Linux is a huge plus.
Because Linux is very popular amongst the pen-testing community, most of the used
penetration testing tools and frameworks are also then built for Linux.
Maintenance is also comparatively easy as the software can be easily installed up from its
repository. It is also very stable when compared to traditional operating systems like Windows.
Just like how we use Windows on a daily basis, creating folders, moving files, copying things,
we’re going to learn these everyday operations for Linux.
We’ll be spending most of our time in the terminal, which is the command-line interface of our
operating system. This is where we type out commands to perform the operations we want.
Before we begin, we should know which directory we are working in, and where are the files
we create going to be stored. The pwd command is one way to identify the directory we’re in.
So, as we did it in our case, we found that we’re in the /root directory.
Page | 4
Michael Tchuindjang Credits to Hacking Articles
Using the whoami command we see which user we’re logged in as. Here, we’re logged in as
root (which translates to an administrator in the windows terms)
To change directories via the terminal, we use the cd command. Let’s change our current
directory to Desktop.
cd Desktop/
To see the contents of a directory we use the “ls” command, (very similar to the dir command
in windows)
Nearly every command, application and or utility in Linux has a dedicated help file which
guides its usage. If you want to learn more regarding a specific command or if you’re stuck,
help (-h, –help) will be your best friend.
volatility --help
Page | 5
Michael Tchuindjang Credits to Hacking Articles
In addition to the help file, most commands and applications also have a manual page, which
can be accessed via typing man before the command.
As seen below, it provides a description and all the tags that can be used with the ls command.
man ls
Page | 6
Michael Tchuindjang Credits to Hacking Articles
When searching for a specific keyword, one of the easiest ways to do so is using locate. Type
locate and then the keyword on the terminal and it will search the entire file system for the
occurrence of it.
Though a few drawbacks of using locate as it provides too much information and the database
it uses is updated once a day, so you can’t find files created minutes or hours ago.
Files that can be executed, similar to .exe’s in Windows are referred to as binaries. These files
generally reside in the /usr/bin or /user/sbin directories.
Utilities like ls, cd, cat, ps (we’ll cover some of these later in the article) are stored in these
directories too.
When looking for a binary file, we can use the whereis command. It returns the path of the
binary as well it’s man page. Finding the binary file: git.
whereis git
Page | 7
Michael Tchuindjang Credits to Hacking Articles
The which command is more specific and only return the location of the binary in the PATH
variable in Linux. Finding the binary file: git.
which git
Very often when using the command line, you’ll want to search for a particular keyword, this
is where grep comes in.
Let’s search for the word: echo, in the simple_bash.sh file by typing
Thought the most common use case of grep it to pipe the output into it with the keywords to
filter the output.
Here we use grep just to get the IP address of our machine, instead of all the other information
that comes when running the ifconfig command. (We’ll touch on the ifconfig common in the
later section)
Page | 8
Michael Tchuindjang Credits to Hacking Articles
The find command is the most powerful and flexible of the searching utilities. It is capable of
different parameters, including, the filename (obviously), date of creation and or modification,
the owner, the group, permission and the size.
Here we use -type and -name tag which tells find the type of file we are looking for as well as
its name. The backslash (/) indicates the root directory, which is where we want to search the
file in.
It is because the find command is also searching through directories your account doesn’t have
the permission to access to. Hence, for a cleaner result, we use 2>&1 which sends all the
permission denied errors to /dev/null (into nothing) and then using grep filters them out of the
output)
Page | 9
Michael Tchuindjang Credits to Hacking Articles
We use the cat command to output the contents of a file on the terminal. Let’s use the cat
command on “hacking-articles.txt”.
cat hacking-articles.txt
The touch command allows you to create a new file. Simply specifying the filename after the
touch command will result in the creation of that file.
touch hacking-artciles-2.txt
In order to make a directory or mkdir for short, we just need to specify the directory name after
the mkdir command.
mkdir Documents/ignite
Page | 10
Michael Tchuindjang Credits to Hacking Articles
To copy files we use cp, which creates a duplicate of the file in the specified location. Let’s
copy the text file we created earlier into the directory we just created above. We then list the
contents of the directory to ensure that the file has been copied.
To copy a file we type, cp <the file we want to copy> <the destination of the “copied” file>
cp hacking-articles-2.txt Documents/ignite
We can use the move command: mv not only to move files in the specified location but to also
rename them. Now let’s try to move the file we copied into the ignite folder, outside of it.
mv hacking-articles-2.txt /root/Documents/
To remove a file, you can simply use the rm command. Let’s remove the “hacking-articles-
2.txt” file.
Page | 11
Michael Tchuindjang Credits to Hacking Articles
rm hacking-artcles-2.txt
In order to remove a directory, we use the rmdir command which stands for “remove directory”.
Let’s remove the “ignite_screenshots” directory.
(Use rm -r for directories with content inside them, r stands for recursive)
rmdir ignite_screenshots/
Text manipulation
In Linux, almost everything you are going to deal with is going to be a file, more often a text
file; for instances, configuration files. Hence, learning how to manipulate text becomes crucial
while managing Linux and its applications.
When dealing with large files, we can use the head command, which by default displays the
first 10 lines of a file. Let’s view the first 10 lines of the etter.dns file.
(etter.dns is a file configuration of file of a tool called Ettercap which is used to in DNS
spoofing and ARP attacks)
Page | 12
Michael Tchuindjang Credits to Hacking Articles
head /etc/Ettercap/etter.dns
Similar to the head command, the tail command is used to view the last lines of file. Let’s view
the bottom lines of the etter.dns file.
tail /etc/ettercap/etter.dns
We can use the nl command to number the lines while it outputs them on the terminal window.
Again, using the etter.dns let’s number all of the lines this time.
nl /etc/Ettercap/etter.dns
Page | 13
Michael Tchuindjang Credits to Hacking Articles
The sed command lets you search for the occurrence of a word or a text pattern and then
perform some action on it. Here we are going to use the /s tag to search for the occurrence of
WWW and /g for global replacement with www.
The more command displays a page of a file at a time and lets you scroll down using the
ENTER key. Opening the etter.dns file using more.
more /etc/ettercap/etter.dns
Page | 14
Michael Tchuindjang Credits to Hacking Articles
The less command is very similar to more, but it comes with the added functionality of being
able to filter keywords. Let’s open the etter.dns file using less. We can further press the
backward slash (/) on the keyboard and then enter the keyword we want to search for, here I’ve
searched my own IP Address.
less /etc/ettercap/etter.dns
We often need to install software that didn’t come with your distribution of Linux or later down
the lane, even remove the unwanted software.
In Debian based Linux distributions, like Kali Linux (the one I am using), the default software
manager is the Advance Packaging Tool or apt for short. Just how we would go to the Appstore
to download an app, we have repositories in Linux. We’ll learn how to access this repository,
search in it and download from it.
Before we download any software package, let’s check whether it is available in the repository,
which is where our Linux operating stores information. We’ll be using the apt tool.
Type apt-cache search and then the package that you want to search for, let’s search for Hydra
which is login cracking tool. Highlighted is the tool we are talking about.
Page | 15
Michael Tchuindjang Credits to Hacking Articles
Installing packages
Now let’s install the packages we want. This time we’ll be using the apt-get command
followed by install and the package name.
Let’s install git, which will later allow us to pull repositories from Github to install furthermore
tools.
Removing packages
To remove any package from your machine, simply type remove after apt-get with the package
name.
Let’s remove the git package. (I recommend to Press n to abort this step)
Page | 16
Michael Tchuindjang Credits to Hacking Articles
Purging packages
Sometimes the package we just removed leaves residual files behind (an example would
configuration files) In order to completely wipe out everything clean, we use the purge option
with apt-get.
It is good practice to update the repository as they are usually updated with new software or
newer versions of existing software. These updates have to be requested and can be done by
typing update after apt-get.
Let’s update our repository. (Note: update doesn’t apply these changes only downloads them)
apt-get update
Page | 17
Michael Tchuindjang Credits to Hacking Articles
In order to apply the changes from the command we run above: update, we have to run the apt-
get with the upgrade tag. This then installs or rather upgrades all the new updates that were
downloaded to the system.
(Note: Upgrading can be time-consuming, so you might not be able to use your system for a
while)
apt-get upgrade
The server that holds the information of the software for particular distributions of Linux are
known as repositories. We can nano into the file at /etc/apt/sources.list and add repositories
here.
(I recommend not to add any experimental repositories in your sources.list because they can
download problematic software and cause things to break. )
nano /etc/apt/sources.list
Page | 18
Michael Tchuindjang Credits to Hacking Articles
Before we start learning the Linux commands to play with permissions, let’s learn about
file/directory permission in Linux first.
As you know by now, in Linux the root user is all-powerful, the root user can do anything on
the system. The other users have limited capabilities, and are usually collected into groups that
generally share a similar function.
For example, a different group for the developer team, deployment team and administrators to
initiate different levels of access and permission.
All the files and directories in Linux are allocated with three of levels of permission:
• r permission: This allows the user access to open and view a file
• w permission: This allows the user to view and edit the file
• x permission: This allows the user to execute the file (not necessarily view or edit it
though)
We change the ownership of the file so that the new user who owns can have the ability to
control its permissions. Here we’ll use the chown command to change the owner.
Page | 19
Michael Tchuindjang Credits to Hacking Articles
To transfer ownership of a file to a group we use the chgrp command. To ensure only the ignite
team member can have the ownership, let’s change the group to ignite.
Checking ownership
As you can see in the screenshots above, we are using the ls command with the l tag to view
the permissions granted to the files and directories.
Page | 20
Michael Tchuindjang Credits to Hacking Articles
Changing permissions
We use the chmod command to change the permissions of a file. This table will help you in
deciding the permissions you want to give the file:
0 —
1 –x
2 -w-
3 -wx
4 r–
5 r-x
6 rw-
7 rwx
We could run, chmod 777 $filename to give the file ALL the permissions,
We can see the colour of the file change, indicating that it is executable.
chmod +x hacking-articles.txt
Page | 21
Michael Tchuindjang Credits to Hacking Articles
SUID bit says that any user can execute the file with the permissions of the owner but those
permissions don’t extend beyond the use of that particular file.
To set the SUID bit, we need to enter 4 before the regular permissions, so the new resulting
permission of 644 will become: 4644.
Similar, SGID also grants temporary elevated permission but for the file owner’s group.
Page | 22
Michael Tchuindjang Credits to Hacking Articles
Managing Networks
Networking is a crucial topic for any aspiring penetration tester. A lot of times you would be
required to test a network or something over it. Hence, it becomes important to know you to
connect and interact with all of your network devices.
Let’s get started with learning all the various tools and utilities to analyze and manage
networks.
The ifconfig command is one of the most basic tools for interacting with active network
interfaces. Here we run ifconfig and we can see the IP address mapped to our 2 network
interfaces: eth0 and lo.
We can also see the netmask and a broadcast address of the network interface attached. As
well as the mac address which I have blurred out.
Page | 23
Michael Tchuindjang Credits to Hacking Articles
If you have a wireless adapter, you can use the iwconfig command to gather crucial information
such as its IP address, MAC address, which mode it is in and much more. Since I don’t have a
wireless adapter, my output is as such.
In order to change your IP address, enter ifconfig, the interface you want to change the address
for and the new address you want to assign to it. Let’s change the IP address to 192.168.1.13.
You can also use ifconfig to change your MAC address. Since MAC address is globally unique
and it often used as a security measure to keep the hackers out of networks or even to trace
them, spoofing your MAC address is almost trivial in order to neutralize these security
measures and maintain anonymity.
In order to change our MAC address to 00:11:22:33:44:55, we’ll have to down the interface,
change the MAC address and then up the interface again.
Page | 24
Michael Tchuindjang Credits to Hacking Articles
Linux has a Dynamic Host Configuration Protocol (DHCP) server that runs a daemon – a
process that runs in the background called DHCP daemon. This DHCP server assigns IP
addresses to all the systems on the subnet and it also keeps log files of such.
Let’s request an IP Address from DHCP, by simply calling the DHCP server with the command
dhclient and network interface you would want to change the IP Address of. We can see the
IP Address has changed from what we had manually given it earlier.
dhclient eth0
DNS is a service that translates a domain name like “hackingarticles.in” to the appropriate IP
address. We can use the dig command with added options such as mx (mail server), ns (name
sever) to gather more information regarding the domain and its mail and name servers
respectively.
Let’s use the dig command on “www.hackingarticles.in” here we can see the domain name
resolve into IP Address.
dig www.hackingarticles.in
Page | 25
Michael Tchuindjang Credits to Hacking Articles
dig hackingarticles.in mx
Page | 26
Michael Tchuindjang Credits to Hacking Articles
dig hackingarticles.in ns
The DNS server information is stored in /etc/resolv.conf, in order to change the DNS server
we need to edit this file. We can simply use nano or vim which are some of the common text
editors Linux.
Here, we are going to use the echo command and > to overwrite the resolve.conf file. We can
see the change reflect when reading using cat.
• is Cloudflare’s public DNS server, you could also use Google’s which is 8.8.8.8)
Page | 27
Michael Tchuindjang Credits to Hacking Articles
There is a file in our system called hosts which also performs domain name – IP Address
translation. The file is located in /etc/hosts. We can map any domain to the IP address of our
choice, this can be useful as the hacker to direct traffic from network to a malicious web server
(using dnspoof).
Let’s nano into the file. Here we can see localhost and kali mapped to certain IP addresses. We
can map www.hackingarticles .in to our IP address. Now if anyone on the network goes to this
URL it will be re-directed to our IP address, we can further run an apache server and deploy a
malicious website, tricking the users in the network.
nano /etc/hosts
Process Management
A process is just a program that’s running on your system and consuming resources. There are
times when a particular process has to be killed because it’s malfunctioning or as a pen-tester,
you would want to stop the anti-virus applications or firewalls. We’ll learn how to discover
and manage such processes in this section.
Viewing process
In order to manage the process, we must be able to view them first. The primary tool to do so
is ps.
Simple typing ps in the bash shell will list down all the active processes.
(PID stands for process ID and is unique for every invoked process.)
Page | 28
Michael Tchuindjang Credits to Hacking Articles
Running ps command with aux, will display all the running processes for all users, so let’s
run:
ps aux
Here we can see PID, the user who invoked the process, %CPU the process is using, %MEM
represent the percentage of memory being used and finally COMMAND which is the name of
the command that has started the process
As we learned earlier, we can pipe the output of ps aux into grep and filter out the specific
information we want.
Let’s search for msfconsole (A popular interface to use the Metasploit framework)
Page | 29
Michael Tchuindjang Credits to Hacking Articles
In some use cases when you want to know which process is using the most resources, we use
the top command. It displays the process ordered by the resources used. Unlike ps, the top also
refreshed dynamically – every 10 seconds.
When you start a process, you can set its priority level with the nice command. Let’s increment
the priority of /usr/bin/ssh-agent by 10 (increasing its priority) using the n tag.
The renice command takes an absolute value between -20 and 19 and sets the priority to that
particular level. It also required the PID (process ID).
Let’s give a process of PID 6242 a higher level of priority (increment it by 20).
renice 20 6242
Page | 30
Michael Tchuindjang Credits to Hacking Articles
At times, when a process exhibits unusual behaviour or consumes too many system resources,
they are called a zombie process. In order to stop these kinds of processes, we use the kill
command.
The kill command has 64 different kill signals, each signifying something slightly different.
(1 stands for Hangup and is designated to stop the process while 9 is the absolute kill, it forces
the process to stop by sending its resources to /dev/null).
kill -1 6242
kill -9 4378
At times, you may want a process to run in the background, and we can do so by simply adding
& to the end of the command.
Let’s run nano in the background. (You can see the PID that is generated)
Page | 31
Michael Tchuindjang Credits to Hacking Articles
If you want to move a process running in the background to the foreground, you can use the fg
command. Simply type fg and then the process ID.
(In order to see the background processes in your system simply use the command jobs)
Scheduling a process
Often one might need to schedule processes to run at a particular time of day. The at command
is a daemon – a background process which is useful for scheduling a job to run once at some
point in the future. While for jobs that occur every day, week, the crond is more suited.
at 9:00pm
/root/simple_bash.sh
Understanding environment variables is a must when trying to get the most from your Linux
system, it is crucial to be able to manage them for optimal performance. Variables are just
strings in key-value pairs. There are two types of variables, environment and shell, while the
shell variables are only valid for the particular session, the environment variables are system-
wide.
Page | 32
Michael Tchuindjang Credits to Hacking Articles
You can view all your default environment variables by entering env into your terminal from
any directory, like so:
set | more
Again, using piping the output to the grep command we can filter out the variables we want.
We can change the variable values simply by typing out the variable and equating it to a new
value but this new value will only be changed for this particular session, if you open a new
terminal window it will change back to its default.
After running this, you’ll see that when you press the up/down arrow keys to recall your
previous commands, nothing happens since we changed to a number of commands being stored
to 0.
HISTSIZE = 0
Page | 33
Michael Tchuindjang Credits to Hacking Articles
When changing the variables, it is always best practice to store the default value in say, a text.
This way you can always undo your changes.
Let’s echo the value into a text file name valueofHISTSIZE and save it in our working
directory by
adding ~/
Now, just like last time change the value of HISTSIZE but now we’ll execute another
command export. Which will make this change permanent.
HISTSIZE=0
export HISTSIZE
You can also design your custom, user-defined variables just by assigning a value to a new
value name of your choice.
Let’s create a new variable called URL which has the value www.hackingarticles.in.
url_variable="www.hackingarticles.in"
Page | 34
Michael Tchuindjang Credits to Hacking Articles
We can also delete this variable by using the unset command. Simply typing unset and the
name of the variable will do the trick.
unset url_variable
Hackers often have to automate certain commands, sometimes compile them from multiple
tools, this can be achieved by writing small computer programs. We’ll be learning how to write
these programs or scripts in bash.
Going back to the basics, a shell is an interface between the user and the operating system that
helps you interact with it, there are a number of different shells that are available for Linux, the
one we’re using is called bash.
The bash shell can run any system commands, utilities and applications. The only thing we’ll
need to get started is a text editor (like nano, vim). You can choose any as it would not make a
difference regardless.
Shebang: #!
Page | 35
Michael Tchuindjang Credits to Hacking Articles
Let’s create a new file: first_script. To tell our operating system we’re using bash in order to
write this script, we use shebang (#!) followed by /bin/bash as seen bellow. Open the file and
type:
#! /bin/bash
Echo
Like the name suggests, we use it to echo back a message or test we want. Let’s echo back
“Hello World”.
#! /bin/bash
echo "Hello World"
Before we can run our script, we need to give it permission to do so. As we learned earlier,
using chmod with +x tag should give the file executable permission.
Adding “./” before the filename tells the system that we want to execute this script
“first_script”.
Page | 36
Michael Tchuindjang Credits to Hacking Articles
A Variable in like a bucket, it can hold some value inside the memory. This value can be any
text (strings) or even numbers.
Let’s create another script where we learn how to take user input and declare variables.
Now we can finally see the magic variables, as we run this script. (Be sure to give the script
executable permissions first).
Page | 37
Michael Tchuindjang Credits to Hacking Articles
Let’s create a script that would be more useful. We’ll make our script scan the entire network
for all the active hosts connected to it and find out their IP Addresses.
In order to do so, we’ll be using nmap. It is simple at an essential tool when it comes to dealing
with network penetration testing.
It used to discover the open ports of a system, the services it running and has the capability to
detect the operating system as well.
We will be creating a script that allows us to scan all the device’s IP addresses connected to
our network. For this, we will be using the -sp tag of nmap. This allows for a simple ping scan,
which checks for all the alive connections in your network.
Page | 38
Michael Tchuindjang Credits to Hacking Articles
Let’s give our new bash script executable permissions, and run it.
Now we can see, all the different devices and their IP Address’s connected to your network.
At times one is required to schedule tasks, such as a backup of your system. In Linux, we
schedule jobs we want to run without having to do it manually or even think about it. Here,
we’ll learn about the cron daemon and crontab to run our scripts automatically.
The crond is a daemon that runs in the background, it checks for the cron table – crontab if
there are any specific commands to run at times specified. Altering the crontab will allow us to
execute our task.
The cron table file is located at /etc/crontab. It has a total of 7 fields, where the first 5 are used
to specify the time for it to run, the 6th field is for specifying the user and the last one is for the
path to the command you want to run.
Page | 39
Michael Tchuindjang Credits to Hacking Articles
First, let’s check whether the cron daemon is running or not by typing,
Now, open the cron table in order to edit it. Type crontab in the terminal, followed by the “-e”
flag (e stands for edit).
crontab -e
Page | 40
Michael Tchuindjang Credits to Hacking Articles
It gives you an option to select any text editor, we’ll be choosing nano as we’ve been working
with it so far. So, enter 1.
Now scroll down and simply enter all the 7 fields we learned about, to schedule the task.
Let’s say we want to see all the devices connected to our network before we sleep, so we’ll
execute our scanner script every day at 11:55 PM automatically. Type the following,
55 23 * * * /root/scanner
Whenever you switch on your Linux machine, a number of process run which helps in setting
up the environment that you’ll use. The scripts that run are known as rc scripts.
When booting up your machine, the kernel starts a daemon known as init.d which is responsible
for running these scripts.
The next thing we should know about is, Linux Runlevels. Linux has multiple runlevels, which
tell the system what services should be started at the bootup.
Page | 41
Michael Tchuindjang Credits to Hacking Articles
Let’s add a service to the rc.d now. This can be done using the update-rc.d command. This
enables you to add or remove services from the rc script.
We will enable MySQL to start every time we boot. Simply write MySQL after update-rc.d
and follow it with defaults (options: remove|defaults|disable|enable>)
Now, we restart the system, you’ll see MYSQL has already been started.
We can check for it using the ps aux and grep command as we learned earlier.
Services in Linux is a common way to denote an application that is running in the background
for you to use. Multiple services come preinstalled in your Linux machine, one of the most
common ones is Apache Web Server, which helps us creating and deploying Web Servers or
OpenSSH which allows you to connect to another machine. Let’s dig deeper into these services,
to understand their inner function, which will help us in abusing them.
Before we begin, we should know how to manage these services. The basic syntax to do so is,
service <service_name> <start|stop|restart|status>
Page | 42
Michael Tchuindjang Credits to Hacking Articles
Now, we use the status tag to check whether the service is up or not
At times when the service does a faulty start or you’ve changed a particular configuration, you
might want to restart it, to reflect the changes. This can be done with the restart option.
Page | 43
Michael Tchuindjang Credits to Hacking Articles
More than 60% of the world’s web servers use Apache, it is one of the most commonly used
services. As a pen-tester, it is critical to understand how apache works. So, let’s deploy our
own web server and get familiar with Apache.
Start the apache2 service (if you haven’t already) and now we are going to the HTML file that
will get displayed on the browser, apache’s default web page is present at:
/var/www/html/index.html
Let’s open this with nano and write some of our HTML code.
nano /var/www/html/index.html
Save the file a now to see what the Apache server displays, we can go to the browser and type
http://localhost
Page | 44
Michael Tchuindjang Credits to Hacking Articles
Secure Shell or SSH is basically what enables us to connect to a terminal on a remote system,
securely. Unlike its ancestor telnet which was used quite some years back, the channel SSH
using for its communication is encrypted and hence more secure.
Again, before we start using the SSH service, we have to start it first.
Now to connect to a remote system and get access to its terminal, we type SSH followed the
<username>@<ip address>. Let’s connect to my host machine.
ssh ignite@192.168.0.11
We have successfully connected to another machine called ubuntu with the user ignite
Page | 45
Michael Tchuindjang Credits to Hacking Articles
Let’s talk about the File Transfer Protocol or FTP. This protocol is generally used, as the
name suggests for transfer of files via the command line. Here we’ll try connecting to an ftp
server and download files from it, via the ftp command.
To access an ftp server, we type ftp followed by the domain name or the IP Address. Here’s an
example:
ftp ftp.cesca.es
Now it’s going to ask you to enter a name, we can type anonymous here since this server
allows it.
Now it’s going to ask for the password, and we type anonymous there as well.
Page | 46
Michael Tchuindjang Credits to Hacking Articles
As we can see we’ve been logged in successfully. Now with the help of the basic navigation
commands we learned in the first part of this article, we can ls to list the contents.
Navigate around for a file you want to download. Let’s try download the file at
get favicon.ico
To exit the ftp session, type bye. Now we can ls and see the file we just downloaded.
Page | 47
Michael Tchuindjang Credits to Hacking Articles
Conclusion
I hope this report, which covers basic and advanced Linux topics like managing
networks, process management, scripting & automation, has helped you grasp the
Linux operating system better.
Hence, one can make use of these commands as a cybersecurity professional to
assess vulnerabilities on systems and keep these systems away from threat.
References
• https://www.hackingarticles.in/linux-for-beginners-a-small-guide/
• https://www.hackingarticles.in/linux-for-beginners-a-small-guide-part-2/
• https://www.hackingarticles.in/linux-for-beginners-a-small-guide-part-3/
Page | 48