Chapter 4 - THM

Question 1

whoiam

Answer 1

Find out what user we’re currently logged in as!

Question 2

echo

Answer 2

Output any text that we provide

Question 3

what option do we add to the find command if we want to find a specific file called passwords.txt?

Please type it out as well.

Answer 3

find -name passwords.txt

The find command will look through every folder in our current directory for that specific file

Question 4

what is in the folder called /etc

Answer 4

This root directory is one of the most important root directories on your system.
The etc folder (short for etcetera) is a commonplace location to store system files that are used by your operating system.

Question 5

what is in the folder called /var

Answer 5

var short for variable data. Is one of the main root folders found on a Linux install. This folder stores data that is frequently accessed or written by services or applications running on the system.

Question 6

what is in the folder called /root

Answer 6

the /root folder is actually the home for the “root” system user. There isn’t anything more to this folder other than just understanding that this is the home directory for the “root” user. But, it is worth a mention as the logical presumption is that this user would have their data in a directory such as “/home/root” by default.

Question 7

what is in the folder called /tmp

Answer 7

This is a unique root directory found on a Linux install. Short for “temporary”, the /tmp directory is volatile and is used to store data that is only needed to be accessed once or twice. Similar to the memory on your computer, once the computer is restarted, the contents of this folder are cleared out.

Question 8

what is a PID

Answer 8

Process ID. Processes are the programs that are running on your machine. They are managed by the kernel, where each process will have an ID associated with it, also known as its PID. The PID increments for the order In which the process starts. I.e. the 60th process will have a PID of 60.

Question 9

Explain the command ps

Answer 9

Use the ps command to provide a list of the running processes as our user’s session and some additional information such as its status code, the session that is running it, how much usage time of the CPU it is using, and the name of the actual program or command that is being executed

Question 10

ps aux

Answer 10

To see the processes run by other users and those that don’t run from a session i.e. system processes

of course this is just a screen shot and not running in real time.

Question 11

top

Answer 11

top gives you real-time statistics about the processes running on your system instead of a one-time view. These statistics will refresh every 10 seconds, but will also refresh when you use the arrow keys to browse the various rows.

Remember to use ctrl c to exit top

Question 12

what command do we use to stop a PID?

how to we stop PID 1337

Answer 12

To kill a command, we can use the appropriately named kill command and the associated PID that we wish to kill.
i.e., to kill PID 1337, we’d use

kill 1337