Preface

This article is about a friend who is just studying kali. This article will start from the following aspects: the command, artifact, penetration test, and three aspects. If there are any other aspects that are not involved, please leave a message below for my convenience! The original work of this article is Xiaoyaozi. If you need to reprint it, please contact the author first. You can only reprint it after agreeing. At the same time, you can join the QQ communication group: (618207388) or follow the WeChat public account kali hacker teaching or kali forum to update simultaneously!

What is kali linux

Kali is a Debian-based Linux distribution. Its goal is to simplify: include as many penetration and audit tools as possible in a practical toolkit. Kali Linux is an open source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services.

kali installation

USB disk installation virtual machine installation (recommended) Physical machine installation Raspberry Pi (a superior device in the world of pretending)

kali installation (vm) configuration

Memory 2G (minimum) hard disk (20-40G) wireless network card (recommended 8187) processor 4 cores

kali can install graphical interfaces or use only command line interfaces. According to your actual situation, if your device is relatively high-end, it is recommended to install a graphical interface. If the device is not high-end, it is recommended to install a command interface such as Raspberry Pi. Otherwise the graphical interface will take up a lot of resources. It should be noted that in Kali, the two interfaces can be switched to each other.

Reference article: Switching of kalilinux's graphical interface and text interface

Switch files of kalilinux's graphical interface and text interface to modify whether the graphics configuration is enabled: the file that configures the graphical line interface is vi /etc/def.

It should be noted that the default username of kali is root password is goor

kali Commands

File Operation

Copy Move Delete

Copy the file

cp /root/123.txt /var/www Copy 123.txt in the root directory to the /var/www directory.

Move files

mv /root/123.txt /var/www delete file

rm 123.txtps: Delete the entire file under folder 123

rm -rf 123

Change paths and create folders

View the current path

pwd switch directory

cd /var/www create folder

mkdir hacker

Text Operation

View File

cat

The most commonly used cat command is. Note that if the file is large, the output result of the cat command will be output on the terminal crazily. You can press ctrl+c multiple times to terminate.

View file size

du -h file

View file content

cat file Since cat has this problem, for larger files, we can use the less command to open a file.

Similar to vim, less can enter the search mode after input/, and then press n(N) to search down (upper).

There are many operations, all similar to vim, you can take a look at it in an analogy. tail

Most students who do server development understand this command. For example, check nginx's scrolling log.

tail -f access.logtail command can statically view the last n lines of a file, and correspondingly, the head command can view the n lines of the file header. But the head does not have a scrolling function, just like the tail is growing outward and will not grow inward.

tail -n100 access.log

head -n100 access.log

Other

grep

grep is used to filter the content, with the --color parameter, which can print colors at the supported terminal, and the parameter n outputs the specific number of lines for quick positioning.

For example: Check the POST request in nginx log.

grep -rn --color POST access.log recommends using such parameters every time.

If I want to see the relevant content before and after an exception, I can use the ABC parameter. They are abbreviations for several words and are often used.

A after content n lines

B before content n lines

C count? N lines before and after content

It's like this:

grep -rn --color Exception -A10 -B2 error.logdiff

The diff command is used to compare the differences between two files. Of course, this function is provided in the ide, and diff is just the original tradeoff under the command line. By the way, diff and patch are also patching methods for some platform source code. If you don’t use it, just pass it.

Compression and decompression command

In order to reduce the size of the transferred file, compression is generally enabled. Common compressed files under Linux include tar, bzip2, zip, rar, etc. 7z is used relatively rarely.

tar compress or decompress bz2 using the tar command operate gz using the gzip command operate zip using the unzip command decompress rar use the unrar command to decompress

The most commonly used file format is the .tar.gz file format. In fact, it is after tar package and then compressed using gzip.

Create a compressed file

tar cvfz archive.tar.gz dir/

Decompression

tar xvfz. archive.tar.gz

Other common commands

chown

chown Used to change the user and group of files. chmod is used to change the access permissions of files.

Both commands are related to linux's file permissions 777.

Example:

Destructive Command

chmod 000 -R/Modify the user and group of directory a to xjj

chown -R xjj:xjj a adds execution permissions to a.sh file (this is too common)

chmod a+x a.shyum

Assuming you are using centos, the package management tool is yum. If your system does not have a wget command, you can use the following command to install it.

yum install wget -ysystemctl

Of course, there are some tricks to manage the backend service in centos. The service command is. Systemctl is compatible with service commands. Let's take a look at how to restart mysql service. Recommended to use the following.

service mysql restart

systemctl restart mysqld For ordinary processes, you need to use the kill command for more detailed control. There are many signals for kill command. If you are using kill -9, you must want to understand the differences and uses of kill -15 and kill -3. su

su is used to switch users. For example, if you are root now and want to use xjj users to do some activities, you can use su to switch.

su xjj

su - xjj