Linux Archives - Armour Infosec

Yum Commands Cheat Sheet for RHEL

Armour Infosec — Mon, 06 Apr 2020 10:59:56 +0000

In this blog, we will learn how to install, update, remove, find packages, manage packages and repositories on Linux systems using YUM (Yellowdog Updater Modified) tool developed by RedHat. This blog also contains a Cheat Sheet of some basic commands of YUM.

What is YUM?

YUM (Yellowdog Updater Modified) is an open-source command-line as well as a graphical based package management tool for RPM (RedHat Package Manager) based Linux systems. It allows users and system administrators to easily install, update, remove or search software packages on a system. It was developed and released by Seth Vidal under GPL (General Public License) as an open-source, which means anyone can be allowed to download and access the code to fix bugs and develop customized packages. YUM uses numerous third-party repositories to install packages automatically by resolving their dependencies issues.

Following example, usages show the most commonly used options for performing package installation with yum :

Install a Package with YUM

To install a package called Firefox, just run the below command it will automatically find and install all required dependencies for Firefox.

# yum install firefox

Loaded plugins: fastestmirror
Dependencies Resolved

===================================================================================================================================================================================================================
Package Arch Version Repository Size
===================================================================================================================================================================================================================
Installing:
firefox x86_64 68.6.0-1.el7.centos updates 94 M

Transaction Summary
===================================================================================================================================================================================================================
Install 1 Package

Total download size: 94 M
Is this ok [y/d/N]: y
Downloading packages:
firefox-68.6.0-1.el7.centos.x86_64.rpm | 94 MB 00:03:04
Installing : firefox-68.6.0-1.el7.centos.x86_64 1/1
Verifying : firefox-68.6.0-1.el7.centos.x86_64 1/1

Installed:
   firefox.x86_64 0:68.6.0-1.el7.centos

Complete!

The above command will ask confirmation before installing any package on your system. If you want to install packages automatically without asking any confirmation, use option -y as shown in the below example.

# yum -y remove firefox

Removing a Package with YUM

To remove a package completely with their all dependencies, just run the following command as shown below.

# yum remove firefox.x86_64

Loaded plugins: fastestmirror
Dependencies Resolved

=========================================================================================================================================================
Package Arch Version Repository Size
=========================================================================================================================================================
Removing:
firefox x86_64 68.6.0-1.el7.centos @updates 230 M

Transaction Summary
=========================================================================================================================================================
Remove 1 Package

Installed size: 230 M
Is this ok [y/N]: y

Running transaction
Erasing : firefox-68.6.0-1.el7.centos.x86_64

Verifying : firefox-68.6.0-1.el7.centos.x86_64 1/1

Removed:
      firefox.x86_64 0:68.6.0-1.el7.centos

Complete!

Same way the above command will ask confirmation before removing a package. To disable confirmation prompt just add option -y as shown in below.

# yum -y remove firefox

Upgrading a Package using YUM

We can also upgrade any installed package to the latest stable version. For e.g. we’ve to upgrade the version of vsftd. Just run the following command it will automatically resolve all dependencies issues and install them.

# yum upgrade vsftpd

Loaded plugins: fastestmirror
Dependencies Resolved

==========================================================================================================================================================
 Package  Arch  Version  Repository  Size
==========================================================================================================================================================
Updating:
 vsftpd   i386  2.0.5-24.el5_8.1  updates  144 k

Transaction Summary
==========================================================================================================================================================
Install       0 Package(s)
Upgrade       1 Package(s)

Total size: 144 k
Is this ok [y/N]: y
Downloading Packages:
Transaction Test Succeeded
Running Transaction
  Updating       : vsftpd                                                                     1/2
  Cleanup        : vsftpd                                                                     2/2

Updated:
  vsftpd.i386 0:2.0.5-24.el5_8.1

Complete!

Downgrading a Package using YUM

There will be occasions when a program update may have lead to an unstable system due to hardware compatibility issues. For this or whatever the reason, if you want your previous version program back, you need to know how to downgrade the applications.

# yum downgrade httpd-2.2.3-22.el5

Dependencies Resolved

====================================================================================================================================================
Package Arch Version Repository Size
====================================================================================================================================================
Installing:
httpd i386 2.2.3-22.el5 rhel-i386-server-5 1.2 M
Removing:
httpd i386 2.2.3-31.el5 installed 3.1 M
Removing for dependencies:
httpd-manual i386 2.2.3-31.el5 installed 3.4 M
mod_ssl i386 1:2.2.3-31.el5 installed 173 k

Transaction Summary
====================================================================================================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 3 Package(s)

Total download size: 1.2 M
Is this ok [y/N]:

List Packages using YUM

Use the list function to search for the specific package with name, recently installed, updates available, etc. For example, to search for a package called OpenSSH, use the command.

# yum list openssh

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: centos.mirrors.estointernet.in
* extras: centos.mirrors.estointernet.in
* updates: centos.mirrors.estointernet.in
Installed Packages
openssh.x86_64        7.4p1-21.el7       @anaconda

To list all the installed packages in a system, use the following command.

# yum list installed

To list all recently installed packages, use the following command.

# yum list recent

Use the following command to list the packages with updates available.

# yum list updates

Search for a Package using YUM

If you don’t remember the exact name of the package, then use search function to search all the available packages to match the name of the package you specified. For example, to search all the packages that match the word .

# yum search firefox

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
=================================================== N/S matched: firefox =============================================================
firefox.i686 : Mozilla Firefox Web browser
firefox.x86_64 : Mozilla Firefox Web browser

Get Information of a Package using YUM

Say you would like to know the information about a package before installing it. To get information about a package just issue the below command.

# yum info firefox

Loaded plugins: fastestmirror
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
Available Packages
Name : firefox
Arch : i686
Version : 68.6.0
Release : 1.el7.centos
Size : 97 M
Repo : updates/7/x86_64
Summary : Mozilla Firefox Web browser
URL : https://www.mozilla.org/firefox/
License : MPLv1.1 or GPLv2+ or LGPLv2+
Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.

List all Dependencies of a Package using YUM

You can check the list of all Dependencies required by a specific package using the following command.

# yum deplist vsftpd

Loaded plugins: fastestmirror
* base: mirrors.praction.in
* extras: mirrors.praction.in
* updates: mirrors.praction.in
package: vsftpd.x86_64 3.0.2-25.el7
dependency: /bin/bash
provider: bash.x86_64 4.2.46-33.el7
dependency: /bin/sh
provider: bash.x86_64 4.2.46-33.el7
dependency: libc.so.6(GLIBC_2.15)(64bit)

Yum Provides Function

Yum provides function is used to find which package a specific file belongs to. For example, if you would like to know the name of the package that has the /etc/ssh/sshd_config.

# yum provides /etc/ssh/sshd_config

Loaded plugins: fastestmirror
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
openssh-server-7.4p1-21.el7.x86_64 : An open source SSH server daemon
Repo : base
Matched from:
Filename : /etc/ssh/sshd_config

openssh-server-7.4p1-21.el7.x86_64 : An open source SSH server daemon
Repo : @anaconda
Matched from:
Filename : /etc/ssh/sshd_config

Check for Available Updates using Yum

Find how many installed packages on your system have updates available, use the following command to check.

# yum check-update

Update System using Yum

To keep your system up-to-date with all security and binary package updates, run the following command. It will install all the latest patches and security updates to your system.

# yum update

List all available Group Packages

In Linux, number of packages are bundled to a particular group. Instead of installing individual packages with yum, you can install a particular group that will install all the related packages that belong to the group. For example to list all the available groups, just issue following command.

# yum groups list

Loaded plugins: fastestmirror
* base: centos.excellmedia.net
* extras: centos.mirror.snu.edu.in
* updates: centos.mirror.snu.edu.in
Available Environment Groups:
Minimal Install
Compute Node
Infrastructure Server
File and Print Server
Basic Web Server
Virtualization Host
Server with GUI
GNOME Desktop
KDE Plasma Workspaces
Development and Creative Workstation
Available Groups:
Compatibility Libraries
Graphical Administration Tools
Security Tools
System Administration Tools

Install a Group Packages

Install a particular package group, use option groups install. For example, to install “Development Tools“, execute the below command.

# yum groups install "Development Tools"

Update a Group Packages

To update any existing installed group packages, just run the following command as shown below.

# yum groups update 'DNS Name Server'

Get details of a Group Packages

Display details about a group of packages from the system, just use the below command.

yum groups info "System Administration Tools"

Remove a Group Packages

Delete or remove any existing installed group from the system, just use the below command.

#yum groups remove 'DNS Name Server'

List Enabled Yum Repositories

Get the list of all enabled Yum repositories in your system, use following command.

# yum repolist

Loaded plugins: fastestmirror
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
repo id                          repo name                                          status
base/7/x86_64                CentOS-7 - Base                                        10,097
extras/7/x86_64              CentOS-7 - Extras                                         341
updates/7/x86_64             CentOS-7 - Updates                                      1,787
repolist: 12,225

List all Enabled and Disabled Yum Repositories

The following command will display all enabled and disabled yum repositories on the system.

# yum repolist all

Interactive Yum Shell

Yum utility provides a custom shell where you can execute multiple commands.

# yum shell

Loaded plugins: fastestmirror
> search named
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
======================================================== N/S matched: named =================================================================
pcp-pmda-named.x86_64 : Performance Co-Pilot (PCP) metrics for Named
bind-chroot.x86_64 : A chroot runtime environment for the ISC BIND DNS server, named(8)
bind-sdb-chroot.x86_64 : A chroot runtime environment for the ISC BIND DNS server, named-sdb(8)

Name and summary matches only, use "search all" for everything.
>

Clean Yum Cache

By default yum keeps all the repository enabled package data in /var/cache/yum/ with each sub-directory, to clean all cached files from enabled repository, you need to run the following command regularly to clean up all the cache and make sure that there is nothing unnecessary space is using.

# yum clean all

View History of Yum

To view all the past transactions of yum command, just use the following command.

# yum history

Loaded plugins: fastestmirror
ID | Login user | Date and time | Action(s) | Altered
-------------------------------------------------------------------------------
8 | root  | 2020-04-06 13:09 | Install | 1
7 | root  | 2020-04-06 12:15 | Install | 31
6 | root  | 2020-04-06 12:02 | Erase | 1 EE
5 | root  | 2020-04-06 11:43 | Install | 1
4 | root  | 2020-04-06 11:39 | Erase | 1 EE
3 | root  | 2020-03-30 17:17 | Install | 84
2 | root  | 2020-03-30 17:15 | Install | 1
1 | System  | 2020-03-30 16:50 | Install | 301
history list

The post Yum Commands Cheat Sheet for RHEL appeared first on Armour Infosec.

Spawning Interactive Reverse Shell

Armour Infosec — Fri, 03 Apr 2020 09:58:59 +0000

Often during pentests, you have a non-tty-shell there are certain commands and stuff you can’t do. This can happen if you upload reverse shells on a web server, so that the shell you get is by the user www-data, or similar. These users are not meant to have shells as they don’t interact with the system as humans do. So if you don’t have a tty-shell you can’t run su, sudo etc. This can be annoying if you manage to get a root password but you can’t use it. Here are some commands which will allow you to spawn a tty shell. Obviously some of this will depend on the system environment and installed packages. So, let’s start with Spawning Interactive Reverse Shell.

Shell Spawning

Python pty Module

python -c 'import pty; pty.spawn("/bin/sh")'

Perl

perl -e 'exec "/bin/sh";'

Simple Shells to Fully Interactive TTYs

1. Python to spawn a PTY

$ python -c 'import pty; pty.spawn("/bin/bash")'
        or
$ python3 -c 'import pty; pty.spawn("/bin/bash")'

2. Put the shell in to background with Ctrl-Z

$ Ctrl-Z

3. Examine the current terminal and STTY info and match it

# echo $TERM
# stty -a

The information needed is the TERM type (“xterm-256color”) and the size of the current TTY (“rows 37; columns 146”)

4. Set the current STTY to type raw and tell it to echo the input characters

 # stty raw -echo

5. Foreground the shell with fg and re-open the shell with reset

# fg
   reset

6. stty size to match our current window

$ export SHELL=bash
$ export TERM=xterm256-color
$ stty rows 37 columns 146
$ bash -i

7. Set PATH TERM and SHELL if missing

$ export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
$ export TERM=xterm
$ export SHELL=bash
$ cat /etc/profile; cat /etc/bashrc; cat ~/.bash_profile; cat ~/.bashrc; cat ~/.bash_logout; env; set
$ export PS1='[\u@\h \W]\$ '

The post Spawning Interactive Reverse Shell appeared first on Armour Infosec.

Nmap Cheat Sheet

Armour Infosec — Sat, 25 Nov 2017 14:41:24 +0000

Network Mapper (Nmap) also known as the God of Port Scanners used for network discovery and the basis for most security enumeration during the initial stages of a Penetration Testing. Nmap has a multitude of options and when you first start playing with this excellent tool it can be a bit daunting. In this cheat sheet you will find a series of practical example commands for running Nmap and getting the most of this powerful tool. Below is Nmap Cheat Sheet and Helpful Tips and Techniques.

Keep in mind that this cheat sheet merely touches the surface of the available options. The Nmap Documentation portal is your reference for digging deeper into the options available.

Nmap in a nutshell

Target Specification
Host Discovery
Port Specification
Service Discovery / Version Detection
Operating System Version Detection
Firewall / IDS Evasion and Spoofing
Time and Performance based Scan
Output of Scan
Vulnerability / Exploit Detection, using Nmap Scripts (NSE)

Target Specification

Scan a single IP

nmap 192.168.1.1

Scan specific IPs

nmap 192.168.1.1 192.168.1.5

Scan a Range

nmap 192.168.1.1-254

Scan a Domain / Host

nmap nmap scanme.nmap.org

Scan Targets from a File

namp -iL targets.txt

Exclude the Listed Host from the Target Range

nmap --exclude 192.168.1.5 192.168.1.1-10

Host Discovery

To List given targets only, no Scan

nmap -sL 192.168.1.1-3

To Disable Port Scanning, Host Discovery only

nmap -sn 192.168.1.1/24

To Disable Host Discovery. Port scan only

nmap -Pn 192.168.1.1-5

TCP SYN discovery on given port

nmap -PS 80,21 192.168.1.1

TCP ACK discovery on given port

nmap -PA 80,21 192.168.1.1

UDP discovery on given port

nmap -PU 53 192.168.1.1

Port Specification

Scan a given Port (i.e 21 here)

nmap -p 21 192.168.1.1

Scan the given Port Range

nmap -p 21-100 192.168.1.1

Scan the multiple TCP and UDP ports

nmap -p U:53,T:21-25,80 192.168.1.1

Scan all 65535 ports

nmap -p- 192.168.1.1

Scans the given Service Name

nmap -p http,https 192.168.1.1

Scans the Top 100 ports

nmap -F 192.168.1.1

Service Discovery / Version Detection

Detect Version of the Running Services

nmap -sV 192.168.1.1

To set intensity range between 0 to 9. Higher number increases possibility of correctness

nmap -sV --version-intensity 5 192.168.1.1

To enable the light mode(intensity =2). It is faster but have less possibility of correctness

nmap  -sV --version-light 192.168.1.1

To enables the intense mode(intensity =9). It is slower but have more possibility of correctness

nmap -sV --version-all 192.168.1.1

Operating System Version Detection

Detect the Operating system

nmap -sV 192.168.1.1

Aggressive mode i.e OS, Service Version, Trace route.

nmap -A 192.168.1.1

Firewall / IDS Evasion and Spoofing

Use tiny fragmented IP packets. Its harder for packet filters

nmap -f 192.168.1.1

Used to set our own offset size

nmap --mtu 32 192.168.1.1

Use the Spoofed IP to scan

nmap -D decoy-ip1,decoy-ip2, your-own-ip remote-host-ip

Scans target.com from example.com (Domain Name Spoofing)

nmap -S example.com target.com

Uses the given port as a source

nmap -g 53 192.168.1.1

Appends random data to sent packets

nmap --data-length 200 192.168.1.1

Time and Performance based Scan

Slow scan

nmap -T0 192.168.1.1

Sneaky scan

nmap -T1 192.168.1.1

Timely scan

nmap -T2 192.168.1.1

Default scan

nmap -T3 192.168.1.1

Aggressive scan

nmap -T4 192.168.1.1

Very Aggressive scan

nmap -T5 192.168.1.1

Output of Scan

To scan in the Verbose mode (-vv for greater effect)

nmap -v 192.168.1.1

Save the scan results to the scan.file

nmap 192.168.1.1 -oN scan.file

Save the results in xml.file

nmap 192.168.1.1 -oX xml.file

Save the results in grep.file

nmap 192.168.1.1 -oG grep.file

Saves the Output in the three major formats at once

nmap 192.168.1.1 -oA result

To scan in the debug mode (-dd for greater effect)

nmap 192.168.1.1 -d

To see all the packets sent and received

nmap 192.168.1.1 -T4 --packet-trace

Vulnerability / Exploit Detection, using Nmap Scripts (NSE)

Scan with default NSE Scripts

nmap 192.168.1.1 -sC

Scan with given NSE Script ( Example: nmap.nse )

nmap 192.168.1.1 --script=nmap.nse

Use script with arguments

nmap 192.168.1.1 –script=nmap.nse --script-args user=admin

The post Nmap Cheat Sheet appeared first on Armour Infosec.

How to Protect Grub Boot Loader by Password in Kali Linux.

Armour Infosec — Sat, 18 Jun 2016 04:50:31 +0000

How to Protect Grub Boot Loader by Password in Kali Linux.

GRand Unified Bootloader (GRUB) is a default bootloader in all Unix-like operating systems. As promised in our earlier article “How to reset a forgotten root password“, here we are going to review how to protect GRUB with a password. As mentioned earlier post, anyone can login into single-user mode and may change system setting as needed. This is the big security flow. So, to prevent such unauthorized person to access system we may require to have grub with password protected.

Here, we’ll see how to prevent a user from entering into a single user mode and changing the settings of a system that may have direct or physical access to the system.

Open Kali Linux and then go to the terminal.
Go to grub.d file by the following command

# cd  /etc/grub.d

Create the password by typing this command

# grub2-mkpasswd-pbkdf2

After you enter the password, copy the whole generated code that appears.
Now edit the file/etc/grub.d/10_linux using vim by following commands

cat << EOF
set superusers="Username"
password_pbkdf2 Username 'paste the generated code   copied above here'
EOF

Save the changes and exit the editor.
Update grub using either of the commands;

#update-grub
#grub-mkconfig -o /boot/grub/grub.cfg

The post How to Protect Grub Boot Loader by Password in Kali Linux. appeared first on Armour Infosec.

How to reset root password of RHEL 7, CentOS and Fedora?

Armour Infosec — Wed, 08 Jun 2016 03:35:43 +0000

Before you lose or forgot your password and left with frustration and exasperation, you should know how to change or reset it. So here’s our post regarding the cure of most common problem arisen.

Resetting password of RHEL, CentOS and Fedora :-
1. Start your computer and wait for the boot menu to appear.

2. At the grub boot menu, press e to edit the existing kernel (Core).

3. To modify it just change read only mode (ro) to rw (write mode) and add init=/sysroot/sbin/sh like below screenshot then press F10 or CTRL+X to reboot the Kali Linux.

4. In the single user mode, run the command > “chroot /sysroot”.

5. Finally, run the commands “passwd root” You’ll be prompted to create and confirm a new password.

6. After creating the password, run the commands below to update SELinux parameters “touch /.autorelabel”

7. reboot -f
Enjoy !!

The post How to reset root password of RHEL 7, CentOS and Fedora? appeared first on Armour Infosec.

What is YUM ? How to Install YUM in Linux ?

Armour Infosec — Sat, 29 Aug 2015 17:21:27 +0000

In this blog, we will learn about “What is YUM ?” and How to Install YUM in RHEL Linux with the local repository. YUM is the primary tool for getting, installing, deleting, querying, and managing Red Hat Enterprise Linux RPM software packages from official Red Hat software repositories, as well as other third-party repositories. So let’s start to the point. You can also find Yum Commands Cheat Sheet at the end of this blog.

What is YUM?

General Configuration file of yum is located at /etc/yum.conf
You can see this file with any editor

Installation of Yum Server with local repository

We can install a local repository for YUM with DVD/ISO file. If you have DVD then Copy the entire Linux OS DVD’s content to Hard-drive. Insert DVD into DVD-RW and go to the mounting point of DVD.

To make a directory (folder) on root.

[root@localhost ~]# cd /
[root@localhost /]# mkdir rhel7

To go on the mounting point of DVD. cd [Mounting Location]

[root@localhost ~]# cd /run/media/root/rhel-server-7/

Copy all entire Linux OS DVD’s into /rhel7 directory (folder)

If you have an iso file of Rhel OS then follow how to mount ISO image in rhel.
Go where there you have copied the entire OS DVD. To go on the Packages Directory. Then Install the createrepo package. To install package

It gives dependencies error. Then you have install depend packages

# rpm -ivh deltarpm-*
# rpm -ivh python- deltarpm-*

Then you have to again install the createrepo package

To make “Createrepo” Database for the local repository which is used for YUM. Go to packages directory which is copied already. Go to the location of packages.

Create repo database

Create a file with repo as an extension and specify the YUM details in /etc/yum.repos.d directory (folder)

yum.repos.d this is a directory which contains all repository. now we create our new repo with any editor.

# vim rhel.repo
[RHEL]
name=local_repo
baseurl=file:/rhel7/Packages/
:wq!

[rhel] :- Title of yum repo,
name=rhel  :- name of yum repo
baseurl=file:/rhel7/Packages/ :- location of Rpm packages
gpgcheck=0 :- verify rpm to RPM-GPG-key (gpgcheck=0 Disabal, gpgcheck=1 Enable)

Now we can create successful YUM repository, Verify run the yum command

# yum check
# yum repolist all

Yum Commands Cheat Sheat

Click here to go the blog.

The post What is YUM ? How to Install YUM in Linux ? appeared first on Armour Infosec.

What is RPM Packages

Armour Infosec — Wed, 26 Aug 2015 19:36:51 +0000

RPM Packages

RPM stands for Red Hat Package Manager. RPM is a powerful Package Manager for Red Hat, Suse and Fedora Linux. It can be used to build, install, query, verify, update, and remove/erase individual software packages. A Package consists of an archive of files, and package information, including name, version, and description.

Files end in the .rpm extension
RPM files are the preferred Linux installation files according to the LSB (Linux Standard Base)
Two different types of RPM files:
- RPM – contains the compiled code
- SRPM – contains the source code for a particular application
RPM package names are constructed like this:

name-version-release.architecture.rpm

openssh-5.3p1-52.el6_1.2.x86_64.rpm

Architecture comes in three types:
- I386 for 32 bit system
- x86_64 for 64 bit systems
- noarch – platform independent software
RPM packages contain the following items:
- SPEC file – A file that ends in the .spec file extension, contains the information necessary to create the RPM package
- The application or libraries that are to be installed
- Any documentation (such as man pages ) that come with the package
- Any configuration files that come with the application
Package installation is stored in the RPM database. RPM database is located at: -/var/lib/rpm

RPM Commands

list of all installed packages

# rpm -qa

list of all recently installed packages

# rpm -qa –last

Query a particular Package

# rpm -qa packagename

Information about Package

# rpm -qi packagename

Documentation files of Package

# rpm -qd packagename

Dependencies a rpm file has

# rpm -qR packagename

list of configuration file for a Package

# rpm -qc packagename

list of all the Files in a Package

# rpm -qpl packagename.rpm

To Install the package

# rpm -ivh packagename.rpm

To Upgrade package

# rpm -Uvh packagename.rpm

Forcefully install package

# rpm -ivh –nodeps packagename.rpm

Uninstall package

# rpm -e packagename

Forcefully uninstall package

# rpm -e –nodeps package

Erase/remove/ an installed package

# rpm -ev package

Erase/remove/ an installed packagewithout checking for dependencies

# rpm -ev –nodeps package

The post What is RPM Packages appeared first on Armour Infosec.

Linux Commands

Armour Infosec — Sun, 09 Aug 2015 11:31:54 +0000

ls -l for listing the files as well as directories those are kept in the particular working directory

[root@armourinfosec ~]# ls –l

ls -la same as ‘ls -l’ but by this command we can also see the hidden files

[root@armourinfosec ~]#ls –la

ls -li same as ‘ls -la’ but it will also shows us the inode number of each and every file

[root@armourinfosec ~]#ls –li

ls by this command we can see only file name nothing else

[root@armourinfosec ~]#ls

clear it will clear the screen ( short cut ctl + l )

[root@armourinfosec ~]#clear

exit to end a current session as well current terminal logging

[root@armourinfosec ~]#exit

touch to create a new empty file

[root@armourinfosec ~]#touch myfile.txt

cd to change the working/present directory

[root@armourinfosec ~]#cd /home/sachin

cat to view the contents of a file and it is also used for creating a new file with some contents

[root@armourinfosec ~]#cat to view file contents

[root@armourinfosec ~]#cat > newfilename enter, then you can write something in the file and then to save the file contents press clt+d then enter

mkdir to make a new directory

[root@armourinfosec ~]#mkdir newdirname

you can also create a directory at your desired path without changing your present working directory

[root@armourinfosec ~]#mkdir /home/sachin/newdirname

rm to remove a empty file

[root@armourinfosec ~]#rm filename

rmdir to remove a empty directory

[root@armourinfosec ~]#rmdir directoryname

rm [-i/-r/-f] to remove a directory with its subdirectories as well as its

files that is to remove a directory which already contains some files in it

[root@armourinfosec ~]#rm -i directory/filename

-i stands for interactively

-r stands for recursively

-f stands for forcefully

cp to copy something in a destination file or directory

[root@armourinfosec ~]#cp sourcepath destinationpath

[root@armourinfosec ~]#cp /home/sachin/webmin.rpm /root/abcd

in this example the webmin.rpm file will be copied in

/root/abcd directory

mv to move one file or directory from one place to another place, it is also used for renaming adirectory or file

[root@armourinfosec ~]#mv source destination

[root@armourinfosec ~]#mv oldfilename newfilename [to change the file name]

man to view the mannual page of commands for syntax

[root@armourinfosec ~]#man commandname

info to view the information about any command

[root@armourinfosec ~]#mkdir info

–help to view the help doccuments of a command

[root@armourinfosec ~]#commandname –help

dir to view the subdirectories and filesn under the directory

[root@armourinfosec ~]#dir

who by this command you can see the user name and their ip addresses who have loged in on your server

[root@armourinfosec ~]#who

whoami this command shows your current logged in terminal user name

[root@armourinfosec ~]#whoami

who am i this command shows you the logged in terminal number and user name and more detailed information

[root@armourinfosec ~]#who am i

pwd to view the present working directory

[root@armourinfosec ~]#pwd

rpm -ivh to intall a rpm package

[root@armourinfosec ~]#rpm -ivh packagename.rpm

rpm stands for ‘redhat package manager’

-i stands for install

-v stands for verbose mode

-h stands for with hash sign(#)

rpm -q to querry about any rpm package

[root@armourinfosec ~]#rpm -q packagename

rpm -e to uninstall a rpm package

[root@armourinfosec ~]#rpm -e package

find / -name to find any file or directory in linux file system

[root@armourinfosec ~]#find / -name filename

su username to switch from one user to another users home directory

[root@armourinfosec ~]#su sachin

su – username to switch from one user to another user users home directory directly

[root@armourinfosec ~]#su – sachin

useradd to create a new user

[root@armourinfosec ~]#useradd username

passwd to give a password of a user

[root@armourinfosec ~]#passwd sachin

give a password for user sachin:(here you have to type a password for sachin user) Confirm password:(again type the same password)

userdel to remove a user from linux

[root@armourinfosec ~]#userdel sachin

groupadd to add a new group

[root@armourinfosec ~]#groupadd groupname

gruopdel to delete a group

[root@armourinfosec ~]#groupdel groupname

chown to change the ownership of a file or directory

[root@armourinfosec ~]#chown ownername filename

chgrp to change the group ownership of a file or directory

[root@armourinfosec ~]#chgrp newgroupownername filename

usermod to modify the user profile

[root@ armourinfosec ~]#usermod -parameter groupname username

The post Linux Commands appeared first on Armour Infosec.

Linux shell

Armour Infosec — Sun, 09 Aug 2015 10:36:44 +0000

Linux shell is a user interface used for executing the commands. Shell is a program the user uses for executing the commands. In UNIX, any program can be the users shell.

Types of Shells in Linux

sh ( Bourne Shell ): The original shell still used on UNIX systems and in UNIX-related environments. This is the basic shell, a small program with few features. While this is not the standard shell, it is still available on every Linux system for compatibility with UNIX programs.

bash ( Bourne Again shell ): The standard GNU shell, intuitive and flexible. Probably most advisable for beginning users while being at the same time a powerful tool for the advanced and professional user. On Linux, bash is the standard shell for common users. This shell is a so-called superset of the Bourne shell, a set of add-ons and plug-ins. This means that the Bourne Again shell is compatible with the Bourne shell: commands that work in sh, also work in bash. However, the reverse is not always the case.

csh ( C shell ): the syntax of this shell resembles that of the C programming language sometimes asked for by programmers.

tcsh ( TENEX C shell ): a superset of the common C shell, enhancing user-friendliness and speed. That is why some also call it the Turbo C shell.

ksh ( the Korn shell ): sometimes appreciated by people with a UNIX background. A superset of the Bourne shell; with standard configuration a nightmare for beginning users.

The file /etc/shells gives an overview of known shells on a Linux system.

[root@armourinfosec /]# vim /etc/shells

To switch from one shell to another, just enter the name of the new shell in the active terminal.

[root@armourinfosec /]# sh

Reserved Bourne shell variables

Variable name	Definition
CDPATH	A colon-separated list of directories used as a search path for thecdbuilt-in command.
HOME	The current user’s home directory; the default for thecdbuilt-in. The value of this variable is also used by tilde expansion.
IFS	A list of characters that separate fields; used when the shell splits words as part of expansion.
MAIL	If this parameter is set to a file name and the MAILPATHvariable is not set, Bash informs the user of the arrival of mail in the specified file.
MAILPATH	A colon-separated list of file names which the shell periodically checks for new mail.
OPTARG	The value of the last option argument processed by thegetoptsbuilt-in.
OPTIND	The index of the last option argument processed by thegetoptsbuilt-in.
PATH	A colon-separated list of directories in which the shell looks for commands.
PS1	The primary prompt string. The default value is “‘\s-\v\$ ‘”.
PS2	The secondary prompt string. The default value is “‘> ‘”.

Bash reserved variables

Variable name	Definition
auto_resume	This variable controls how the shell interacts with the user and job control.
BASH	The full pathname used to execute the current instance of Bash.
BASH_ENV	If this variable is set when Bash is invoked to execute a shell script, its value is expanded and used as the name of a startup file to read before executing the script.
BASH_VERSION	The version number of the current instance of Bash.
BASH_VERSINFO	A read-only array variable whose members hold version information for this instance of Bash.
COLUMNS	Used by the select built-in to determine the terminal width when printing selection lists. Automatically set upon receipt of a SIGWINCH signal.
COMP_CWORD	An index into ${COMP_WORDS}of the word containing the current cursor position.
COMP_LINE	The current command line.
COMP_POINT	The index of the current cursor position relative to the beginning of the currentCommand.
COMP_WORDS	An array variable consisting of the individual words in the current command line.
COMPREPLY	An array variable from which Bash reads the possible completions generated by a shell function invoked by the programmable completion facility.
DIRSTACK	An array variable containing the current contents of the directory stack.
EUID	The numeric effective user ID of the current user.
FCEDIT	The editor used as a default by the -eoption to the fcbuilt-in command.
FIGNORE	A colon-separated list of suffixes to ignore when performing file name completion.
FUNCNAME	The name of any currently-executing shell function.
GLOBIGNORE	A colon-separated list of patterns defining the set of file names to be ignored by filename expansion.
GROUPS	An array variable containing the list of groups of which the current user is amember.
histchars	Up to three characters which control history expansion, quick substitution, andtokenization.
HISTCMD	The history number, or index in the history list, of the current command.
HISTCONTROL	Defines whether a command is added to the history file.
HISTFILE	The name of the file to which the command history is saved. The default value is~/.bash_history.
HISTFILESIZE	The maximum number of lines contained in the history file, defaults to 500.
HISTIGNORE	A colon-separated list of patterns used to decide which command lines should besaved in the history list.
HISTSIZE	The maximum number of commands to remember on the history list, default is 500.
HOSTFILE	Contains the name of a file in the same format as /etc/hosts that should be readwhen the shell needs to complete a hostname.
HOSTNAME	The name of the current host.
HOSTTYPE	A string describing the machine Bash is running on.
IGNOREEOF	Controls the action of the shell on receipt of an EOF character as the sole input.
INPUTRC	The name of the Read line initialization file, overriding the default/etc/inputrc.
LANG	Used to determine the locale category for any category not specifically selected witha variable starting with LC_.
LC_ALL	This variable overrides the value of LAN Gand any other LC_variable specifying alocale category.
LC_COLLATE	This variable determines the collation order used when sorting the results of filename expansion, and determines the behavior of range expressions, equivalence classes, and collating sequences within file name expansion and pattern matching.
LC_CTYPE	This variable determines the interpretation of characters and the behavior ofcharacter classes within file name expansion and pattern matching.
LC_MESSAGES	This variable determines the locale used to translate double-quoted strings precededby a “$” sign.
LC_NUMERIC	This variable determines the locale category used for number formatting.
LINENO	The line number in the script or shell function currently executing.
LINES	Used by the select built-in to determine the column length for printing selectionlists.
MACHTYPE	A string that fully describes the system type on which Bash is executing, in thestandard GNU CPU-COMPANY-SYSTEM format.
MAILCHECK	How often (in seconds) that the shell should check for mail in the files specified in the MAILPATH or MAIL variables.
OLDPWD	The previous working directory as set by the cd built-in
OPTERR	If set to the value 1, Bash displays error messages generated by the getopts built-in.
OSTYPE	A string describing the operating system Bash is running on.
PIPESTATUS	An array variable containing a list of exit status values from the processes in themost recently executed foreground pipeline (which may contain only a single command).
POSIXLY_CORRECT	If this variable is in the environment when bash starts, the shell enters POSIXmode.
PPID	The process ID of the shell’s parent process.
PROMPT_COMMAND	If set, the value is interpreted as a command to execute before the printing of eachprimary prompt (PS1)
PS3	The value of this variable is used as the prompt for the select command. Defaults to”‘#? ‘”
PS4	The value is the prompt printed before the command line is echoed when the -xoption is set; defaults to “‘+ ‘”.
PWD	The current working directory as set by the cd built-in command.
RANDOM	Each time this parameter is referenced, a random integer between 0 and 32767 is generated. Assigning a value to this variable seeds the random number generator.
REPLY	The default variable for the read built-in.
SECONDS	This variable expands to the number of seconds since the shell was started.
SHELLOPTS	A colon-separated list of enabled shell options.
SHLVL	Incremented by one each time a new instance of Bash is started.
TIMEFORMAT	The value of this parameter is used as a format string specifying how the timinginformation for pipelines prefixed with the time reserved word should be displayed.
TMOUT	If set to a value greater than zero, TMOUT is treated as the default timeout for theRead built-in. In an inter ative shell, the value is interpreted as the number of seconds to wait for input after issuing the primary prompt when the shell is interactive. Bash terminates after that number of seconds if input does not arrive.
UID	The numeric, real user ID of the current user.

The post Linux shell appeared first on Armour Infosec.