Sunday, September 20, 2020

Knowing Kali Linux for OSCP



Kali Linux is developed and maintained by Offensive Security. It is a Debian-based Linux distribution aimed at advanced penetration testing and security auditing. The programs packaged with the operating system have been evaluated for suitability and effectiveness, and Kali ships several hundred tools geared towards information security tasks such as penetration testing, security research, computer forensics, and reverse engineering.
Kali comes with most of the popular pentesting tools preinstalled: Metasploit for exploitation and post-exploitation, Nmap for port and vulnerability scanning, Wireshark for capturing and inspecting network traffic, and Aircrack-ng for testing the security of wireless networks.
This is why most hackers and pentesters use Kali. I know it is not the best distro for everyday use, but for pentesting it is convenient; yes, you could install the same tools on your favourite distro, but that is usually an unnecessary hassle.
Knowing Kali Linux before you start hacking is like the saying "Give me six hours to chop down a tree and I will spend the first four sharpening the axe". Kali is the axe; the rest of this post is about sharpening it.






How much to know for OSCP


In simple words, the more you know the better. It is hard to say exactly how much you need to know. It is like a class exam: the book tells you the important topics to cover, but the examiner writes the paper. Going into the exam with the topics below gives you a solid base; for the full 100% you know what to do. So let's go through an overview of each topic.




File System


Kali Linux adheres to the Filesystem Hierarchy Standard (FHS), the familiar layout shared by most Linux distributions. Note that on current Debian-based systems, Kali included, /bin, /sbin and /lib are symlinks into /usr (the "merged /usr" layout), so /bin/ls and /usr/bin/ls are the same file. The directories you will find most useful are

  • /bin - essential command-line programs (ls, cat, cp, etc.; cd is a shell builtin, not a file here)
  • /sbin - system administration programs (fdisk, mkfs, sysctl, etc.)
  • /etc - configuration files, mainly for services, plus /etc/passwd, /etc/shadow and /etc/crontab, which you will read on every target
  • /tmp - temporary files; world-writable, a handy drop point for tools during an engagement
  • /usr/bin - applications (apt, nmap, etc.)
  • /usr/share - architecture-independent support data for applications, including /usr/share/wordlists (rockyou.txt) and the Metasploit and SecLists trees if installed

This is just scratching the surface; there is a lot more to explore, which I will cover in another blog post, but feel free to dig in yourself.


Standard File system Hierarchy Diagram


Networking basics


Apart from networking in Kali itself, there are some topics I think you must know before putting your hands on the Kali networking tools. Broadly, the networking area covers how devices communicate, how a web server works in the client-server model, where each step of that interaction sits in the OSI layers, what an IP address is, how addresses are distributed, address classes, and subnetting. If you have all of these in your mind, especially the OSI layers, you are good to go.

Now let's come back to our friend Kali. The things I consider important under networking are:


Firewall or better to say iptables 


A firewall filters incoming and outgoing traffic. On Kali the traditional tool is iptables (Kali also ships nftables, and the iptables binary is usually the nft-backed compatibility layer). You add rules to chains: INPUT for traffic to the machine, OUTPUT for traffic it sends, and FORWARD for traffic it routes between interfaces. The rules live in the kernel, not in a config file under /etc: list them with 'iptables -L -v -n' (root required; add --line-numbers to get positions for deleting rules), and they are gone after a reboot unless you save them with 'iptables-save > /etc/iptables/rules.v4' and restore them at boot (the iptables-persistent package does this for you). For the Kali box you attack from, the point of a ruleset is to know exactly which ports a target can reach on your machine (the listener for your reverse shell, the web server you transfer files from) and to log everything else. This is only an overview; make sure to read more about the rule syntax.
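As an added example (not from the original post), here is a small shell script that generates a default-deny INPUT ruleset in iptables-restore format and prints it, so you can review it before loading it. The interface name and the allowed port are assumptions for a lab box; change them to match yours.

```sh
#!/bin/sh
# Added example (not from the original post): emit a minimal default-deny
# iptables ruleset in iptables-restore format. Nothing is loaded into the
# kernel; review the text, then `sudo iptables-restore < rules.v4`.
# Assumptions: interface name and allowed inbound port below are hypothetical.

LAB_IFACE="eth0"     # assumption: interface facing the lab network
ALLOW_TCP_IN="22"    # assumption: only SSH is reachable from the lab

gen_rules() {
  # Chain policies come first: drop anything not explicitly allowed in.
  printf '%s\n' '*filter'
  printf '%s\n' ':INPUT DROP [0:0]'
  printf '%s\n' ':FORWARD DROP [0:0]'
  printf '%s\n' ':OUTPUT ACCEPT [0:0]'
  # Loopback must be allowed or local services (and many tools) break.
  printf '%s\n' '-A INPUT -i lo -j ACCEPT'
  # Replies to connections this box started (scans, downloads, ...).
  printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
  # Explicitly allowed inbound services, one rule per port.
  for p in $ALLOW_TCP_IN; do
    printf '%s\n' "-A INPUT -i $LAB_IFACE -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
  done
  # Rate-limited log of everything that is about to be dropped by the policy.
  printf '%s\n' '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "IPT-DROP: "'
  printf '%s\n' 'COMMIT'
}

# Helper for checking the generated ruleset: number of ACCEPT rules.
count_accept_rules() { gen_rules | grep -c -- '-j ACCEPT'; }

gen_rules
```

Save the output as rules.v4, load it with 'sudo iptables-restore < rules.v4', and confirm with 'sudo iptables -L -v -n --line-numbers'. When you need a reverse-shell listener on another port, add it to ALLOW_TCP_IN and reload rather than opening INPUT up completely.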


Networking commands(command line) 


  • nslookup: queries DNS records for a domain name (or does a reverse lookup for an IP).
  • ifconfig: the classic utility for viewing and configuring network interfaces; on current Kali it comes from net-tools, and 'ip addr' / 'ip link' are the modern replacements.
  • netstat: displays network connections (TCP and UDP), listening sockets, routing tables, interface statistics and per-protocol counters; 'ss' is the modern replacement, and 'ss -tulnp' is the usual "what is listening" invocation.
  • nmap: powerful network mapper for host discovery, port scanning, service and version detection, and scripted checks (NSE).
  • scp: copies files between hosts over SSH.
  • dig: DNS lookup tool with detailed, scriptable output, mainly used in the DNS enumeration phase (for example 'dig axfr @ns1.example.com example.com' to test for a zone transfer).
  • traceroute: shows the route packets take to reach a host, hop by hop.
  • wget: downloads files from the web (useful on a target too, for pulling your tools over HTTP).
  • tcpdump: captures and prints network packets from the command line, the terminal-only counterpart of Wireshark.
  • ping: tests the reachability of a host with ICMP echo requests.

Redirection

Every program run from the command line has three data streams connected to it, which act as its bridge to the outside world. The streams are

  1. Standard input (STDIN)
  2. Standard output (STDOUT)
  3. Standard error (STDERR)


Linux uses this standard set of I/O streams to move data in and out of a program. Each one is a numbered file descriptor:

STDIN ----> file descriptor 0

STDOUT ----> file descriptor 1

STDERR ----> file descriptor 2


All three can be redirected. Redirection simply means pointing the input, output or error stream somewhere else according to your needs: '<' feeds a file to stdin, '>' sends stdout to a file (overwriting it), '>>' appends, '2>' sends stderr to a file, and '2>&1' sends stderr wherever stdout is currently going. The order matters: 'cmd > out.txt 2>&1' puts both streams in the file, while 'cmd 2>&1 > out.txt' sends only stdout to the file and stderr to the terminal. For more details, see my terminal blog post.
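As an added example (not from the original post), the script below uses a stand-in command that writes one line to stdout and one to stderr, the way nmap or gobuster mix results and diagnostics, and shows what each redirection form actually keeps. The `noisy` helper and the target list are constructed for the example.

```sh
#!/bin/sh
# Added example (not from the original post): how the three standard streams
# behave under redirection. `noisy` stands in for any tool that writes results
# to stdout and diagnostics to stderr.

noisy() {
  printf 'result line\n'        # fd 1, stdout
  printf 'warning line\n' >&2   # fd 2, stderr
}

# Keep the results, throw the noise away.
results_only() { noisy 2>/dev/null; }

# Keep only the noise. Redirections apply left to right: fd 2 is first
# pointed at where fd 1 currently goes, then fd 1 is sent to /dev/null.
errors_only() { noisy 2>&1 >/dev/null; }

# Silence both: fd 1 goes to /dev/null first, then fd 2 copies it.
silenced() { noisy >/dev/null 2>&1; }

# Merge both streams into one, the usual "log everything" form.
both_merged() { noisy 2>&1; }

# Write both streams to a log file with '>' (truncate), then '>>' (append),
# and report how many lines the file ends up with.
write_log() {
  log=$(mktemp)
  noisy >"$log" 2>&1
  noisy >>"$log" 2>&1
  wc -l <"$log" | tr -d ' '
  rm -f "$log"
}

# stdin redirection: count non-comment lines of a target list fed on fd 0,
# e.g. `count_targets < targets.txt` or `sample_targets | count_targets`.
sample_targets() { printf '# lab hosts (constructed)\n10.10.10.5\n10.10.10.6\n'; }
count_targets() { grep -c -v '^#'; }

results_only
errors_only
both_merged
sample_targets | count_targets
```

The `errors_only` form is the one people get wrong: 'nmap ... 2>&1 > scan.txt' leaves the warnings on your terminal and only the scan in the file, which is the opposite of what most people intend.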


Navigating Inside Terminal

  • pwd: print the current working directory
  • cd: change directory, for example cd /usr/share; also cd / (root of the filesystem), cd ~ (your home directory), cd .. (parent directory) and cd - (the directory you were in before).

Looking at files

  • ls: list the contents of the current directory (with ls -a you also see "." and "..", which represent the current and parent directory; ls -la adds permissions, owner and size)
  • file: identify a file's type from its contents, not its extension
  • more: page through a text file one screen at a time, forward only
  • less: page through a text file with scrolling in both directions and searching (/pattern); the one to use
  • find: search for files and directories by name, size, owner, permissions or modification time, walking the filesystem live
  • locate: similar to find but much faster because it queries a prebuilt database (refresh it with updatedb), so it can miss recently created files


Operation on files

  • Create a file with vim, nano, touch, or any other text editor
  • cp (copy): cp filename destination_path
  • mv (move/rename): mv filename destination_path
  • rm (remove a file): rm filename; rm -r removes a directory and everything inside it, so double check the path first
  • mkdir and rmdir: make and remove a directory, mkdir directory_name; rmdir only works on an empty directory


Editing the text 

  • sed: stream editor, useful for searching, find-and-replace, insertion and deletion of text in a file or a stream (sed -i edits the file in place)
  • cut: extracts columns from each line, by delimiter (cut -d: -f1 /etc/passwd) or by character position
  • tr: translates or deletes characters, for example lowercase to uppercase or newlines to commas
  • awk: pattern scanning and processing language; the quickest way to pick fields out of command output
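As an added example (not from the original post) tying the networking commands above to sed, cut, tr and awk: the script below takes constructed 'netstat -tulnp' output (hosts, ports and PIDs are hypothetical) and extracts the listening ports, the ones reachable from the network, and the programs behind them.

```sh
#!/bin/sh
# Added example (not from the original post): pulling the useful bits out of
# `netstat -tulnp` output with sed, awk, cut and tr. The output below is
# constructed for the example; ports and PIDs are hypothetical.

sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1023/mysqld
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1340/apache2
tcp6       0      0 :::8080                 :::*                    LISTEN      1502/java
udp        0      0 0.0.0.0:68              0.0.0.0:*                           590/dhclient
EOF
}

# Drop the two header lines (sed), keep listening TCP sockets (awk), strip
# everything up to the last colon of the local address to leave the port,
# then join the numerically sorted ports with commas (tr + sed).
listening_ports() {
  sed '1,2d' | awk '$1 ~ /^tcp/ && $6 == "LISTEN" { sub(/.*:/, "", $4); print $4 }' \
    | sort -n | tr '\n' ',' | sed 's/,$//'
}

# Same, but only sockets reachable from the network (not bound to 127.x).
exposed_ports() {
  sed '1,2d' | awk '$1 ~ /^tcp/ && $6 == "LISTEN" && $4 !~ /^127\./ { sub(/.*:/, "", $4); print $4 }' \
    | sort -n | tr '\n' ',' | sed 's/,$//'
}

# Program names: the last field is PID/name, so cut on "/" and keep field 2.
listening_programs() {
  sed '1,2d' | awk '{ print $NF }' | cut -d/ -f2 | sort -u | tr '\n' ',' | sed 's/,$//'
}

sample_netstat | listening_ports
sample_netstat | exposed_ports
sample_netstat | listening_programs
```

On a real box replace `sample_netstat` with 'netstat -tulnp' (or 'ss -tulnp', whose columns differ slightly); the 127.0.0.1-only services are the ones you can only reach after getting a shell, which is exactly why this distinction matters during enumeration.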

User and group management (root privileges required)

  • adduser: add a user to the system
  • addgroup: add a group to the system
  • su: switch user (su - with no user name switches to root); sudo runs a single command as another user, root by default
  • userdel: delete a user from the system
  • usermod: modify a user account, for example usermod -aG sudo username to add someone to the sudo group


Permission

The ls -la command shows the permissions on files. You will see something like drwxr-xr-x: the first character is the file type (d for directory, - for a regular file, l for a symlink) and the remaining nine are three rwx triplets, for the owner, the group, and everyone else.

r=read

w=write

x=execute (for a directory, permission to enter it)

Change them with chmod (chmod 640 file, or chmod u+x file) and change the owner with chown. Two special bits matter a lot for privilege escalation: an s in the owner's x position (SUID) means the program runs with the owner's privileges, and a t in the last position (the sticky bit, as on /tmp) means only a file's owner can delete it.
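As an added example (not from the original post) covering both the find command from the "Looking at files" list and the permission bits above: the script builds a throwaway directory tree with a few modes set, reads the 10-character permission string back, and then runs the two find searches you do first on a target, world-writable files and SUID binaries. The file names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post): create a temporary tree, set
# modes with chmod, read them back with ls, and use find's -perm tests to
# locate world-writable files and SUID executables. Names are hypothetical.

make_tree() {
  root=$(mktemp -d)
  mkdir -p "$root/etc" "$root/usr/bin"
  printf 'secret=1\n'  > "$root/etc/app.conf";   chmod 640  "$root/etc/app.conf"
  printf '#!/bin/sh\n' > "$root/etc/backup.sh";  chmod 666  "$root/etc/backup.sh"
  printf 'ELF\n'       > "$root/usr/bin/helper"; chmod 4755 "$root/usr/bin/helper"
  printf '%s\n' "$root"
}

# First 10 columns of `ls -l`: type, then rwx for owner, group and others.
mode_of() { ls -ld "$1" | cut -c1-10; }

# Files anyone can write to (-perm -0002: the "others write" bit is set).
# On a target, a root cron job running one of these is a privilege escalation.
world_writable() { find "$1" -type f -perm -0002 2>/dev/null | sed "s|^$1||" | sort; }

# SUID executables (-perm -4000): run with the owner's privileges.
# On a target you would run this against / and filter the results against
# GTFOBins; 2>/dev/null hides the permission-denied noise.
suid_files() { find "$1" -type f -perm -4000 2>/dev/null | sed "s|^$1||" | sort; }

R=$(make_tree)
mode_of "$R/etc/app.conf"
mode_of "$R/usr/bin/helper"
world_writable "$R"
suid_files "$R"
rm -rf "$R"
```

The real-world form of the last two searches is 'find / -type f -perm -4000 2>/dev/null' and 'find / -type f -perm -0002 2>/dev/null', which you will type on nearly every Linux privilege escalation.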


Packages

As we know, Linux is open source, which differentiates it from Windows, including in the way it installs new software. On Windows we download software mainly from the internet, sometimes from unknown sources, with no proof that the site is authentic. On Linux each distro has its own software repositories, one signed store to download from for free.

So basically your task is reduced to the apt-get install command; with it you can download and install any package in the repository.


sudo apt-get install package_name


for a .deb file: sudo dpkg -i /path_to_deb_file


To remove a package: sudo apt-get --purge remove package_name


Installing a custom package

means a package we don't find in the repository. After downloading or building it, you must add its directory to the PATH variable, otherwise you have to type the full path to run it. PATH is predefined and you can view it by printing its value in the terminal (echo $PATH). It is searched left to right, so the first directory that contains a matching name wins.
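As an added example (not from the original post), the script below shows how PATH order decides which binary runs. It goes a little beyond the text: two directories each get a script with the same name (hypothetical), and the same command resolves differently depending on which directory comes first. That is also why a writable directory early in root's PATH is a classic privilege escalation.

```sh
#!/bin/sh
# Added example (not from the original post): PATH is searched left to right,
# and the first matching name wins. Directory and script names are hypothetical.

setup_dirs() {
  base=$(mktemp -d)
  mkdir -p "$base/system" "$base/custom"
  printf '#!/bin/sh\necho system\n' > "$base/system/tool"
  printf '#!/bin/sh\necho custom\n'  > "$base/custom/tool"
  chmod 755 "$base/system/tool" "$base/custom/tool"
  printf '%s\n' "$base"
}

# Run `tool` under a given PATH; prints which copy ran. A subshell keeps the
# caller's PATH intact, and `hash -r` drops the shell's cached lookup.
run_with_path() { ( PATH="$1"; hash -r; tool ); }

# `command -v` shows the full path the shell would pick, under the same rules.
resolve_with_path() { ( PATH="$1"; hash -r; command -v tool ); }

B=$(setup_dirs)
run_with_path "$B/system:$B/custom"       # system copy wins
run_with_path "$B/custom:$B/system"       # custom copy shadows it
resolve_with_path "$B/custom:$B/system"   # shows exactly which file runs
rm -rf "$B"
```

For your own tools, append ('export PATH="$PATH:$HOME/tools"') so system binaries keep precedence; on a target, a root script calling a bare command name while PATH contains a directory you can write to is the scenario the second call above reproduces.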


Processes

To view the processes currently running on the system use the ps command, for example ps aux (every process, with user and full command line) or ps -ef; add --forest to ps aux to see the parent-child tree. top and htop show the same thing live.

Monitoring what is running on your system, and on a target, is an important thing to do: a process running as root from a script you can write to is a privilege escalation waiting to happen.


Cronjob

These are scheduled tasks that the system runs automatically; each task is just a command or a script. The commands or scripts listed in a crontab file are run at the specified times. Per-user crontabs are edited with crontab -e and listed with crontab -l; the system crontab is /etc/crontab, with more job files in /etc/cron.d/ and the cron.hourly, cron.daily, cron.weekly and cron.monthly directories. Each line has five schedule fields (minute, hour, day of month, month, day of week), then, in the system files only, the user to run as, and then the command.
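As an added example (not from the original post), the script below parses the system crontab format described above (five schedule fields, a user, then the command) and lists the jobs, with a second function that keeps only the ones running as root. The crontab content is constructed for the example and the scripts it names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post): parse /etc/crontab or
# /etc/cron.d/* style lines into "user<TAB>command". The content below is
# constructed; the script paths are hypothetical.

sample_crontab() {
cat <<'EOF'
# /etc/crontab: system-wide crontab (constructed for the example)
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user  command
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
*/5 *   * * *   root    /opt/backup/backup.sh
0  3    * * 1   www-data /var/www/cleanup.py
EOF
}

# Skip comments, blank lines and VAR=value lines. Fields 1-5 are the
# schedule, field 6 the user, everything after that is the command.
cron_commands() {
  awk '
    /^[[:space:]]*#/ { next }             # comment
    NF == 0 { next }                      # blank line
    /^[A-Za-z_][A-Za-z0-9_]*=/ { next }   # environment assignment
    {
      user = $6; cmd = ""
      for (i = 7; i <= NF; i++) cmd = cmd (i > 7 ? " " : "") $i
      print user "\t" cmd
    }'
}

# Jobs that run as root: check whether you can write to any of these scripts.
root_cron_commands() { cron_commands | awk -F'\t' '$1 == "root" { print $2 }'; }

sample_crontab | cron_commands
sample_crontab | root_cron_commands
```

Per-user crontabs from crontab -l have no user field, so for those the command starts at field 6. On a target, pipe the root commands through 'ls -l' to see whether any of the scripts sits in a directory you can write to.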


Services

systemctl is used to start, stop, enable or disable services on a systemd-based Linux like Kali, for example 'systemctl start service_name'; start and stop act now, enable and disable decide whether the service starts at boot, and 'systemctl status service_name' shows whether it is running along with its recent log lines.

Tools like rcconf (or 'systemctl list-unit-files') let you control which services are started when the system boots or reboots.


init.d: /etc/init.d contains the SysV-style scripts that start and stop daemon processes; on a systemd system they are kept for compatibility, and the service command still drives them.

Apart from this, try to find out more about your distro's kernel, as the kernel is responsible for mediating between the hardware and the software and for managing the system resources.

You will find the kernel image and its config in /boot (vmlinuz-*, config-*), and 'uname -r' prints the running version. The Linux kernel differs from Windows in that it contains most of the drivers by default, so the driver hunting we are used to on Windows mostly goes away.


Try to get familiar with adding partitions, what mounting is, and how to mount more devices in Kali. On Linux everything is a file, including devices: a plugged-in USB stick shows up as a block device such as /dev/sdb1 (check with lsblk), and to read it you mount that device onto a directory in the filesystem, the mount point, typically under /mnt or /media ('mount /dev/sdb1 /mnt/usb', then 'umount /mnt/usb' when done).





