
Bash

From NetSec
Revision as of 22:56, 20 May 2012 by FaustoKleiman (File System)


Getting Started

Bash (the Bourne-again shell) is the Linux command-line shell, roughly the counterpart of the MS-DOS command prompt.

You will need some version of Linux to run this.

On a desktop the application you are looking for is usually `xterm' or `terminal'; you can also reach a shell over ssh. It will be easier to learn all of this if you have the root password or are listed in the sudoers file. The two most important commands are `info' and `man'. Many tutorials will teach you about the `man' pages: you can read any command's manual by typing `man commandname'. What many tutorials do not tell you about is `info coreutils'. Here is a small excerpt of the `info coreutils' index:

  • Introduction:: Caveats, overview, and authors
  • Common options:: Common options
  • Output of entire files:: cat tac nl od base64
  • Formatting file contents:: fmt pr fold
  • Output of parts of files:: head tail split csplit
  • Summarizing files:: wc sum cksum md5sum sha1sum sha2

The info command lets you move with Page Up and Page Down, use the arrow keys to select a menu entry and press Enter to follow it, much like links in a wiki.

File System

The Linux file-system hierarchy differs greatly from that of Windows. Windows only understands NTFS (New Technology File System) and FAT16/32 (File Allocation Table). Linux, on the other hand, can manage dozens of file systems; which ones a given installation supports depends on the kernel modules loaded or compiled in, but the most widely used are ext2/3/4, XFS and ReiserFS. These are journaling file systems, unlike Windows' NTFS, which in short makes the file system more robust and less prone to data loss, and by design they do not fragment either.

Understanding how Linux views files and file systems is important, since Linux follows the UNIX principle that "everything is a file". From hardware devices to sockets, everything can be seen as a file that a program can read from or write to.

If you run the following command:

df -h

The output lists the currently mounted file systems and will look similar to this:

 Filesystem                Size  Used Avail Use% Mounted on
 /dev/sda2                 100G   10G   90G  10% / 
 /dev/sda1                 100M   30M   70M  30% /boot
 tmpfs                     1.5G     0  1.5G   0% /dev/shm

As you can see, the hard drive itself is treated as a file, namely /dev/sda. The number X in /dev/sdaX identifies a particular partition on that drive.

Partitions are not assigned drive letters. Instead, "mount points" are directories under the root directory (/). Taking the df output above as an example, the first partition on /dev/sda is mounted at /boot, so writing to /boot writes to that partition. The mount points can be found in:

  • /proc/mounts
  • /etc/fstab
  • /etc/mtab

You can also view these with the following commands:

  • mount
  • fdisk
  • cfdisk

Directories

You can change directory the same way as in MS-DOS, with the cd command (`cd' with no argument returns to your home directory). Directories are listed with the `ls' command rather than `dir'. On some systems `dir' has been set up as a shortcut to `ls' to help new Linux users. Example:

 user@host:~$ cd /etc/
 user@host:/etc$ cd
 user@host:~$ ls -at
 .gconfd                .sudo_as_admin_successful  Pictures
 .xsession-errors       .cache                     Public
 .gconf                 .pulse                     Templates
 .config                .nautilus                  Videos
 .gnome2                .gtk-bookmarks             Desktop
 .thumbnails            .esd_auth                  Downloads

Another way of displaying files is using the `-lash' flags with `ls'. As an example:

 user@host:/proc$ ls -lash
 total 4.0K
 0 dr-xr-xr-x 207 root       root           0 2010-12-01 20:35 .
 0 drwxr-xr-x  22 root       root        4.0K 2010-12-02 20:03 ..
 0 dr-xr-xr-x  10 root       root           0 2010-12-01 20:35 acpi
 0 dr-xr-xr-x   4 root       root           0 2010-12-02 20:50 asound
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 buddyinfo
 0 dr-xr-xr-x   4 root       root           0 2010-12-02 20:50 bus
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 cgroups
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 cmdline
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 cpuinfo
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 crypto
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 devices
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 diskstats
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 dma
 0 dr-xr-xr-x   3 root       root           0 2010-12-02 20:50 driver
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 execdomains
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 fb
 0 -r--r--r--   1 root       root           0 2010-12-02 20:50 filesystems
 0 dr-xr-xr-x   8 root       root           0 2010-12-01 20:38 fs

The `-lash' flags list all files, including hidden ones, in long format with human-readable sizes, which also shows the file permissions we'll discuss later on.

You can also list only directories by piping through grep, since directory entries begin with `d':

 21:54:40-user@host:~/Downloads$ ls -la | grep ^d
 drwxr-xr-x   2 zach zach   4096 2010-10-29 01:24 .
 drwx------ 102 zach zach 425984 2010-12-02 21:14 ..
For the purpose of this wiki, files have been omitted to make the above shorter and readable.

/proc

Properties:

  • Filesystem Type: procfs
  • Does not support ext3 attributes (chattr)
  • Recommended additional mount flags: nosuid
  • Should be owned by root for user and group
  • Should have permissions: 0555 (dr-xr-xr-x)

Using this virtual filesystem you can obtain live statistics about the local host. The following files contain hardware information:

  • /proc/cpuinfo
  • /proc/meminfo

/proc/mounts contains all of the things you see when you invoke the `mount' command.

/proc/PID/environ contains the environment variables of the process with that PID.

/proc/PID/maps lists the memory mappings of that process, including every file it has mapped.
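Two small helpers for the per-process files just described, added here as an example (not from the NetSec page). /proc/PID/environ is NUL-separated, so plain `cat' runs the variables together; tr turns the NULs into newlines. The PID argument and the function names are the example's own.

```shell
#!/bin/sh
# Added example, not from the NetSec page: read /proc/PID/environ and
# /proc/PID/maps in a usable form.

# proc_env PID : print the process's environment, one VAR=value per line.
# environ is NUL-separated, which is why cat shows it as a single run of text.
proc_env() {
    tr '\0' '\n' < "/proc/$1/environ"
}

# proc_mapped_files PID : list each file mapped into the process, once.
# The sixth column of /proc/PID/maps is the path; it is empty for anonymous
# memory and holds names like [heap] or [stack] for special regions.
proc_mapped_files() {
    awk 'NF >= 6 && $6 ~ /^\// { print $6 }' "/proc/$1/maps" | sort -u
}

# proc_env_grep PID PATTERN : true if any environment entry matches PATTERN.
# Handy for finding secrets (tokens, passwords) that a process inherited from
# its parent; any user who can read environ of a process can see them.
proc_env_grep() {
    proc_env "$1" | grep -q -- "$2"
}

# Demonstration on the current shell: $$ is this shell's own PID.
echo "files mapped into PID $$:"
proc_mapped_files "$$"
echo "environment entries: $(proc_env "$$" | wc -l)"
```

Only processes you own (or all of them, as root) are readable this way, so the same lookups are a quick way to audit what your own jobs carry in their environment.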

/etc

Properties:

  • Filesystem Type: ext2/ext3
  • Should be owned by root for user and group
  • Should have permissions: 0711 (drwx--x--x)

This directory usually stores configuration files.

/bin

Properties:

  • Filesystem Type: ext2/ext3
  • Should be owned by root for user and group
  • Should have permissions: 0755 (drwxr-xr-x)

This directory contains commands accessible to all bash users.

/sbin

Properties:

  • Filesystem Type: ext2/ext3
  • Should be owned by root for user and group
  • Should have permissions: 0711 (drwx--x--x)

/var

Properties:

  • Filesystem Type: ext2/ext3
  • Should be owned by root for user and group
  • Should have permissions: 0711 (drwx--x--x)

/home

Properties:

  • Filesystem Type: ext2/ext3
  • Should be owned by root for user and group
  • Should have permissions: 0711 (drwx--x--x)

/tmp

Properties:

  • Filesystem Type: tmpfs
  • Recommended additional mount flags: nosuid,noexec,nodev
  • Should be owned by root for user and group
  • Should have permissions: 1777 (drwxrwxrwt)
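The "Properties" lists above (mount flags for /proc and /tmp, ownership and mode for the directories) can be checked from the shell. The script below is an added example, not from the NetSec page; its function names, the sample mounts table and the use of GNU stat are the example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the NetSec page: check a mount's options and a
# directory's ownership/mode against the "Properties" recommendations above.

# check_mount_opts MOUNTS_FILE MOUNTPOINT OPT[,OPT...]
# MOUNTS_FILE is in /proc/mounts format (device mountpoint type options ...).
# Prints each recommended option that is missing; returns 0 if all are present,
# 1 if any is missing, 2 if the mountpoint is not mounted at all.
check_mount_opts() {
    mounts="$1"; mp="$2"; wanted="$3"
    # last matching line wins, since a later mount can shadow an earlier one
    opts=$(awk -v mp="$mp" '$2 == mp { print $4 }' "$mounts" | tail -n 1)
    [ -n "$opts" ] || { echo "$mp: not mounted"; return 2; }
    rc=0
    for o in $(echo "$wanted" | tr ',' ' '); do
        case ",$opts," in
            *",$o,"*) ;;
            *) echo "$mp: missing $o"; rc=1 ;;
        esac
    done
    return $rc
}

# check_dir_perms DIR MODE
# Returns 0 when DIR is owned by root:root with exactly MODE, written as GNU
# stat prints it (755 rather than 0755; 1777 keeps the sticky bit).
check_dir_perms() {
    dir="$1"; want="$2"
    out=$(stat -c '%U %G %a' "$dir" 2>/dev/null) || return 2
    set -- $out
    [ "$1" = root ] && [ "$2" = root ] && [ "$3" = "$want" ] && return 0
    echo "$dir: owner=$1 group=$2 mode=$3 (expected root root $want)"
    return 1
}

# Constructed sample in /proc/mounts format (not captured from a real host);
# /tmp deliberately lacks noexec so the check has something to report.
SAMPLE_MOUNTS=$(mktemp)
trap 'rm -f "$SAMPLE_MOUNTS"' EXIT
cat > "$SAMPLE_MOUNTS" <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0
EOF

check_mount_opts "$SAMPLE_MOUNTS" /proc nosuid || echo "remount /proc with nosuid"
check_mount_opts "$SAMPLE_MOUNTS" /tmp nosuid,noexec,nodev || echo "remount /tmp"
check_dir_perms /tmp 1777 || echo "fix with: chown root:root /tmp; chmod 1777 /tmp"
```

Point check_mount_opts at the real /proc/mounts to audit a running host; note that /proc/mounts escapes spaces in paths as \040, which this simple parser does not decode.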

Files

For now, you can view files using the commands:

  • cat
  • less
  • more

You can exit `more' or `less' by typing `q'. You can search for text by pressing `/' and go to a specific line number by typing `:'.

The syntax is simply [command] [filename]. You can edit files with:

  • nano
  • pico
  • vi
  • vim
  • emacs

Nano and pico are the easiest to use. To learn vim, use the `vimtutor' command.

You can search for things inside of files using the grep command.

You can delete files using the rm command.

.bashrc

.ssh/known_hosts

/etc/motd

Partitioning & Formatting

fdisk

  • fdisk is the command-line utility that provides disk partitioning functions on almost all operating systems.

fdisk is a very powerful tool: it can do something as small as list the drives and all the information gathered about them, or it can repartition a seemingly broken hard drive into a working one again. It has been around for many years and will not be going anywhere anytime soon.

The fdisk options can be seen by opening your command-line interface (CLI) and typing fdisk with no arguments. It prints the following usage:

Example:

 livecd ~ # fdisk
 Usage:
  fdisk [options] <disk>    change partition table
  fdisk [options] -l <disk> list partition table(s)
  fdisk -s <partition>      give partition size(s) in blocks
 Options:
  -b <size>                 sector size (512, 1024, 2048 or 4096)
  -c                        switch off DOS-compatible mode
  -h                        print help
  -u <size>                 give sizes in sectors instead of cylinders
  -v                        print version
  -C <number>               specify the number of cylinders
  -H <number>               specify the number of heads
  -S <number>               specify the number of sectors per track

cfdisk, mkfs

Commands

Text Manipulation

`cat',`tac',`head',`tail',`sed',`awk',`grep'

File Manipulation

>, >>, &>, touch, rm

Process Manipulation

ps, top, kill, skill, pkill, killall

Debugging

strace, ptrace, gdb, kgdb

Network Manipulation

ifconfig, dhcp clients, packet injectors, sniffers

Firewall Manipulation

iptables, nufw

FileSystem Manipulation

mount, umount, losetup

Pipes & Golfing in Bash

piping to sh
