File System Manipulation
Commands to learn:
ls, rm, mkdir, rmdir, cd, pwd, ln, chmod, umask
- How do you find out what directory you are working in?
pwd
- What one command could you use to list every file on the entire system, showing their owner, location, and access time?
ls -alRu /
- How do you list hidden files, i.e., file names that begin with ‘.’ that are normally not shown?
ls -a
- How do you print a list of all files just within the subdirectories of the current directory? You should not list files in the subdirectories of the subdirectories or below, just the single directory below.
ls -A */ or find . -mindepth 2 -maxdepth 2
- Where can you store files temporarily that are too large to fit within your account?
/tmp or /var/tmp
- How would you create a file named “~/fred” that, when opened, actually opened the /etc/passwd file?
ln -s /etc/passwd ~/fred
- What command would you use to delete a directory named test, assuming it contained other files and directories and you wanted them to be deleted as well?
rm -r test
- What command would you use to make a file readable by anyone on the system?
chmod a+r <filename>
- What command would you use to make a file readable only by you (assuming it was your file)?
chmod 400 <filename>
- Assuming you had root access, what command would you use to make a file execute as root when run?
sudo chmod +s filename
- What command would you use to make the default permissions for all the files you create be such that only you could read, write, or execute them?
vi /etc/profile, then append umask 077
- What command would you execute that would make a program in your directory readable and executable by anyone on the system and when it executed it ran with your permissions?
chmod a+rx,+s filename
Finding and examining files
Commands to learn:
which, whereis, file, strings, more (or less)
- How would you find the path to the ping command?
which ping
- Assume you found a file named /tmp/hacker-leftover. What command could you use to find out what type of file this was?
file /tmp/hacker-leftover
- If the /tmp/hacker-leftover file was a binary executable, what command could you use to extract any readable information from the file without running it?
strings /tmp/hacker-leftover
Commands to learn: grep, find, locate
- What command would you use to determine what files in a particular directory contained the string “d00d”?
grep -r "d00d" ./directory/
- What command would you use to determine what files in a particular directory contained either of the strings “d00d” or “hax0r3d”?
grep -rE "d00d|hax0r3d" ./directory/
- What command would you use to determine what files in a particular directory contained a string similar to “owned”, except in some varying letter case (e.g. OwnEd)?
grep -ril "owned" ./directory/
- What command would you use to find all the files on a system that had been accessed within the last week?
find / -atime -7
- What command would you use to find all the files on a system that were SUID root?
find / -user root -perm -4000
- What command would you use to quickly find all the files on a system that had the word “tape” in their name?
locate "tape"
- What command would you use to find all files on a system that had a name ending in .txt that contained the string “qbert”?
find / -name "*.txt" -print0 | xargs -0 grep -l "qbert"
Useful utilities
Commands to learn:
cut, sort
- What command line (a series of commands) could you use to get a list of just the user IDs of people who had logged into a local system?
cat /etc/passwd | cut -d : -f1
Process Management and Information
Commands to learn:
top, ps, nice, nohup, kill, signal
- What command can you use to show all the processes that you are running?
ps -u <username>
- What is the process ID of the shell you are currently using?
echo $$
- What command can you use to show all the processes that are running on the system?
ps -A
- What command can you use to see the top few most active processes on a system?
top
- How could you cause a command to run with a lower priority than it otherwise would?
nice -n <priority> <command>
Priority ranges from -20 to 10, from high to low.
- What command can you use to send signals to running processes?
kill
- What signal would you send to a process on class-1.cs.georgetown.edu to suspend a process?
send stop signal: kill -STOP <PID>