4 - Linux Fundamentals Flashcards
What part of your computer system is Linux?
The OS kernel. Coordinates between hardware, software, users and files.
What is User Space?
Everything that happens outside of the kernel
What starts the OS kernel?
The bootloader
What starts the computer’s bootloader?
BIOS/UEFI
What is “ring zero”?
kernel space
Where does the kernel export data about hardware (as virtual files)?
/proc/ and /sys/
Where does the kernel present the virtual files representing hardware such as HIDs and drive partitions?
/dev/
What are the two types of device files?
Block and Character
What Linux command can you use to determine if a device file is a block file or a character file?
ls -l
Are disk drives in /dev/ more likely to be block devices or character devices?
Block devices
Are peripherals and serial ports in /dev/ more likely to be block devices or character devices?
Character devices
Which system can be used to issue device-specific commands to devices?
ioctl
What is the file path for the root of the Linux virtual file tree?
/
What is the file path for a user home?
/home/username
What is the command used to mount a disk?
mount
What would mkfs.ext4 /dev/sda1 do?
Format the disk at sda1 to the ext4 filesystem.
What is a Process?
A running instance of a program.
What is a PID?
Process Identifier, the reference for a running process.
How many things can a CPU core do at once?
one
What user account do processes run under?
The user who started the process.
How can you get a command line if your GUI is broken?
Launch a virtual console with CTRL+ALT+F1 (F1 through F6 all work)
What does the pwd command do?
(Print Working Directory) Prints the current location your shell is working in.
What is the command to change directories?
cd followed by an absolute or relative path.
What does cd - do?
Takes you to the last directory you navigated away from.
What command takes you to the parent directory?
cd ..
What is the command to create a directory?
mkdir directoryName
Which command is for moving or renaming files or directories?
mv
Which command is for removing an empty directory?
rmdir directoryName
Which command is for removing a file?
rm fileName
What command means “copy”?
cp
Which command lists directory contents?
ls
When you try to run a program, where is Linux looking for the program to run?
The list of directories in the PATH environment variable.
What does echo $PATH do?
Shows the list of directories in your PATH environment variable.
What are common paths for executable commands?
/usr/local/sbin, /usr/local/bin, /usr/sbin, /usr/bin, /sbin, /bin
How do you ask Linux about the location of a command?
type followed by the command shows the command’s path.
“In penetration tests, you will most often receive shell access to a system after a successful exploit, rather than a graphical user interface. Proficiency with the command line is essential for your success as a security professional.”
Did you know that?
How can you print the contents of an environment variable to the screen?
echo $VAR
Where are two places system variables can be placed, for use by command line programs?
/etc/profile and ~/.profile
Where should you save environment variables to make them available to all sessions regardless of whether a shell has been executed?
/etc/environment
FHS
Filesystem Hierarchy Standard
/bin/
basic programs
/boot/
Kali Linux kernel and other files required for its early boot process
/dev/
device files
/etc/
configuration files
/home/
user’s personal files
/lib/
basic libraries
/media/
mount points for removable drives (usb, dvd)
/mnt/
temporary mount point
/opt/
third party extra applications
/root/
root’s personal files
/run/
volatile runtime storage, doesn’t persist across reboots
/sbin/
system programs
/srv/
data used by servers hosted on this system
/tmp/
temporary files, (often emptied at boot)
/usr/
a parent folder for applications and data
/usr/bin/
basic programs
/usr/sbin/
system programs
/usr/lib/
basic libraries
/usr/share/
architecture-independent data
/usr/local/
used by the admin for installing applications without interfering with files handled by dpkg
/var/
variable data handled by services. This includes log files, queues, spools, and caches.
/proc/ and /sys/
Used by the kernel for exporting data to user space
~
$HOME
What is in your home directory?
dotfiles (application configuration files) and user files
What flag do you add to ls to show hidden files?
-a
XDG Base Directory Specification’s location for user config files?
~/.config
XDG Base Directory Specification’s location for user cache files?
~/.cache
XDG Base Directory Specification’s location for user application data files?
~/.local
cat
reads a file to the screen
less or more
read files to the screen, with pagination
>
output into a file
>>
append a file with output
echo
print a string or evaluated variable to the terminal
How do you search for files?
find directory criteria such as find /etc -name "host*"
(locate could also work, but you need to know about find)
How do you search within files?
grep expression files such as grep "user@example.com" filename.txt
How do you find a process’ PID?
ps aux
What command would you use to send a kill signal to a process?
kill such as kill -s KILL 667288
What do you add to a command to run it in the background?
& at the end
How do you access a background process?
fg %job-number
How do you find your background processes?
jobs
What does CTRL-Z do?
Pauses a job and puts it into the background.
How do you resume a paused background job?
bg %job-number
What are the three user categories for file permissions?
- Owner: u
- Owner Group: g
- Others: o
What are the three types of file rights?
- Read: r
- Write: w
- Execute: x
What are the two rights particular to executable files?
- setuid
- setgid
s
Why would a penetration tester look for executables that have the setuid permission allowed?
If the software is vulnerable, they may be able to execute commands as root.
What does execute access mean in the context of a directory?
The user may travel through a directory, even if they don’t have permission to read the contents.
example: cd noread/destination
What effect does the setgid permission have on a directory?
Files created in the directory will belong to the group that owns the directory, rather than the main group of the user who created the file.
What is the Sticky Bit?
t is a permission for directories that restricts the deletion of files to the file’s owner, or the owner of the file’s parent directory.
What command changes the owner of a file?
chown user file
What command changes the owner group of a file?
chgrp group file
Which command changes the rights of a file?
chmod rights file
Which command could you use to change the user and group of a file at the same time?
chown user:group file
What are the two ways of representing rights?
- symbolic
- octal
What are the respective octal values for read, write, and execute?
- read = 4
- write = 2
- execute = 1
What are the respective octal values of setuid, setgid, and sticky?
- setuid = 4
- setgid = 2
- sticky = 1
What is “u=rwx,g+rw,o-r” in octal?
773
What are the rights “a=rx” in octal?
555
What permission results from “chmod 4754 file”?
- u = read
- g = read, write, execute
- o = read, execute
- setuid
Which command is used to restrict permissions with an octal “mask”?
umask
What flag on chmod, chown, etc. makes the command recursive?
-R
What is the difference between the ‘x’ and ‘X’ user right symbols?
- x is for executing files
- X is for traversing directories
Which command displays information on memory utilization?
free
What option can you add to the free command to have the output displayed in more “human readable” units?
-h
Which options could you append to free to display the output in MiB or GiB?
-m or -g
What command will show your disk utilization?
df (disk free)
Which command displays the identity of the user?
id
Which command returns a line documenting the kernel name, hostname, kernel release, kernel version, machine type, and the name of the OS?
uname -a
“the kernel emits messages that it stores in a ____ ______ whenever something interesting happens”
ring buffer
How do you display the kernel logs?
dmesg
What command is for reading the systemd journal?
journalctl
What do the following journalctl options do?
-r
-f
-u
- reverse chronological
- continuously
- limit messages to those emitted by a specific systemd unit
What’s a tool that can summarize the data exported by the kernel to /proc/ and /sys/?
- lspci for pci devices.
- lsusb for usb devices.
- lspcmcia for pcmcia devices.
What does lsdev list?
Communication resources used by devices.
What command is like a combination of: lspci, lsusb, and lsdev?
lshw
Which command would you use to export information you’d want to include in any hardware support problems?
lshw
Which command can you use to launch a text editor?
editor
How is locate different than find?
locate searches for files using a database. find looks through the file tree for files.
What does time do?
Measures how long it takes for a command to run
What does updatedb do?
Updates the database of file locations used by locate.
What is zcat used for?
Displaying the contents of compressed files without decompressing