
Linux for hackers - Part II

After posting the 1st part, which was also my 1st entry in the blog, I decided that I would post at least 1 new entry every week, but here I am again, writing after 4 weeks. Now looking back, I feel like the 1st entry isn't how I wanted it to be.
I wanted to put the things present in Linux which are required for hackers most often. So in this part, I would list all such things and briefly explain their importance so that it doesn't look like a tutorial.
Obviously this list is not extensive or authoritative. I might miss something very important and put something very basic, because I am no master in Linux. I am still learning and I will always be learning.

Various directories and their importance:
Configuration files specific to the machine are kept here.
Device files. In *nix systems, everything is a file. This directory contains special files which enable us to interact with various devices.
All programs are installed here.
Stores log files from various programs.

Important Files:
This file contains one entry per line for each user (or user account) of the system. All fields are separated by a colon (:) symbol. There are seven fields in total, as follows:

  1. Username
  2. Password: An x character indicates that the encrypted password is stored in the /etc/shadow file.
  3. User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further, UIDs 100-999 are reserved by the system for administrative and system accounts/groups.
  4. Group ID (GID): The primary group ID (stored in the /etc/group file).
  5. User ID Info: The comment field. It allows you to add extra information about the user, such as the user's full name, phone number etc. This field is used by the finger command.
  6. Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exist, the user's directory becomes /.
  7. Command/shell: The absolute path of a command or shell (/bin/bash).
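
The seven fields listed above are the /etc/passwd format. As an added example (not part of the original post), this Python script parses that format and flags entries worth a manual review. The sample data, the `NOLOGIN_SHELLS` list and the treatment of UIDs 1-999 as system accounts (taken from the ranges in the list above) are assumptions.

```python
from collections import namedtuple

# The seven colon-separated fields, in file order.
PasswdEntry = namedtuple("PasswdEntry", "name password uid gid info home shell")
# Assumed set of shells that refuse interactive login; adjust per distribution.
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}

# Constructed sample in the seven-field format; not taken from a real system.
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/bin/bash
alice:x:1000:1000:Alice Example,,,:/home/alice:/bin/bash
toor:x:0:0::/root:/bin/bash
legacy::1001:1001::/home/legacy:/bin/sh
broken:x:notanumber
"""

def parse_passwd(text):
    """Return (entries, line numbers that are not seven valid fields)."""
    entries, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        f = line.split(":")
        if len(f) != 7 or not (f[2].isdecimal() and f[3].isdecimal()):
            malformed.append(lineno)
            continue
        entries.append(PasswdEntry(f[0], f[1], int(f[2]), int(f[3]), *f[4:]))
    return entries, malformed

def audit(entries):
    """Return (username, finding) pairs worth a manual review."""
    findings = []
    for e in entries:
        if e.uid == 0 and e.name != "root":
            findings.append((e.name, "UID 0 but not named root"))
        if e.password == "":
            findings.append((e.name, "empty password field"))
        elif e.password != "x" and e.password[0] not in "*!":
            findings.append((e.name, "password hash outside the shadow file"))
        if 0 < e.uid < 1000 and e.shell not in NOLOGIN_SHELLS:
            findings.append((e.name, "system account with a login shell"))
    return findings

if __name__ == "__main__":
    parsed, bad_lines = parse_passwd(SAMPLE)
    print(audit(parsed), "malformed lines:", bad_lines)
```

To audit a real system, pass the contents of /etc/passwd to `parse_passwd` instead of `SAMPLE`.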

This file stores the actual passwords, in encrypted format, for the user accounts.

This file maps port numbers to services.

Contains host names and their corresponding IP addresses, used for name resolution.

This file is used to configure the Domain Name System (DNS) resolver library.

See all available network interfaces

Information about the processor

The time the system has been up.

This is a special file which holds the option that determines the type of process address space randomization used on the system.
The options can be:
0 - No address space randomization.
1 - Randomize the addresses of the mmap base, stack and VDSO page.
2 - Additionally enable heap randomization.

That's all for this part then. It barely scratches the vast surface of Linux systems, but it is a start nonetheless. In the next part, I am planning to document some of the most important command line tools for hackers. Let's hope it comes soon!