Linux Fundamentals Part 1: A gentle introduction to using the Linux Command Line (CLI)

Demystifying a critical skill for all cybersecurity professionals (whilst also making you feel like a real hacker)

Sections

• A brief primer
• But why?
• Getting started: the terminal
• Commands
• Conclusion

A brief primer

Having worked in cybersecurity for a minute, I realised that there are certain skills that would be invaluable to anyone just starting out in the industry or anyone who is simply curious about this incredibly crucial utility. Over this series of blogposts, I will be writing about tools and skills that have helped me in my work which will hopefully be useful for you too!

In this post I will attempt to provide a gentle introduction to command-line interfaces and how to use them. My main focus will be on the linux command line and if you are a Mac user like myself, you may think of this as a my way of demystifying the Terminal app.

Most of us have seen the command-line interface in some form or other. It may be through media like hacker shows or movies or it may have been an accident if the terminal window just popped up.

But what is the CLI anyway? According to wikipedia

A command-line interface (CLI) is a means of interacting with a device or computer program with commands from a user or client, and responses from the device or program, in the form of lines of text.

In essence, the CLI/ terminal/console/shell, is a way to speak to the computer or operating system directly as opposed to using a graphical user interface (GUI).

GUIs are “graphics-based operating system interface that uses icons, menus and a mouse (to click on the icon or pull down the menus) to manage interaction with the system”. They offer a layer of abstraction that enables more user-friendly interaction — like an interpreter that translates what we want to do and does the bulk of the legwork for us. Anything we can do on a GUI like open or delete a file, application, or folder, can be done through the CLI, just with a few more steps.

But why?

This is a good question. GUIs are generally how everyone learned to interact with computers and for good reason. They’re easier to use, more visual and intuitive. There are two drawbacks to this though — speed and flexibility.

GUIs are slower because you need the computer to load it up. You can accomplish most tasks through your GUI. Say you wanted to copy your file into a different folder and then rename it. It’s simple enough but it does require a few steps (right click — copy, rename, dragging the file into the folder you want). With the CLI, you can accomplish that in a single line, provided you know what to say.

Learning how to use the linux command line is essentially learning how to speak directly to our computer.

In cybersecurity, getting to grips with the CLI can be a huge benefit because you’ll come to realise that it is nigh inescapable. There are so many useful tools that are done via the command line that you will need it when you want to level up in other skills.

Besides, it also makes you feel like the hacker in movies and isn’t that in itself a worthy goal?

Getting started: the terminal

Opening up a new terminal window on my Mac, this is what I see

Let’s break down the components of this

This window (or view) where we can input/type words or commands is called a terminal prompt. The terminal prompt provides some important information about the system you’re interacting with. The prompt has 4 key components

[username]@[computerName]:[path][user]

So in this case,
* User: piramolkrishnan
* Computer name: Piramols-Macbook-Pro-10
* Path: ~

(Note: The tilde (~) means that we are in the user’s home directory.)

Now we can start delving into commands.

Commands

Commands are the language with which we can speak to the computer through the CLI. As the name suggests, we can instruct the computer to do all sorts of things. Generally, we just type a command into the prompt and press the *Enter* or *Return* on your keyboard to execute it. You can also use your cursor to navigate to the line.

Most of the time, a successful command will return an output. For example, a command almost guaranteed to run successfully is the ls (that’s a lowercase L) command — for ‘list directory contents.’ (Try entering ls into your terminal prompt and pressing enter.)

Here are the commands that I will be going through in this post. I will be making follow-up posts for more advanced uses.

• man [command]
• mkdir
• cd
• pwd
• ls
• cat

1. Command: `man [command]`

The man command in Linux is used to display the user manual of any command that we can run on the terminal.

If the man command is installed, you can run man [command]to read the manual pages for that specific command.

For example, running the command man ls would show the manual pages for the ls command.

Manual page for the `ls` command

Once you’ve got the manual open, you can browse the contents using the arrow keys on your keyboard. Once you’re ready to quit, press the Q key to get back to your terminal prompt.

2. Command : `mkdir

• Short for: make directory
• Purpose: Allows the user to create directories/folders

In my root directory, I now want to create a new folder called ‘test-folder’. To do so, I simply type mkdir test-folder into my terminal prompt

3. Command: `cd`

• Short for: change directory
• Purpose : The cd command allows you to navigate through directories.
• To run the command, simply enter the name of the directory immediately after the cdcommand.
• For example, let us swich to the newly created test-folder

cd test-folder

• We can see that the ~ which corresponded to the root directory is now replaced with test-folder
• You can also use cd to move to exact paths on the terminal. Entering the command cd /home/linux/my-second-folder would move you to the folder found in the path home/linux/my-second-folder(as long as it exists!)

A Note on Relative vs Absolute file paths

A relative path describes the location of a file relative to the current/working directory i.e. where you are now. An absolute path describes the location from the root directory. As mentioned previously, ~will bring us back to the root directory.

Directories/file systems are designed like trees but navigating them is a little beyond the scope of this post (but I will likely write a follow-up post on directory traversal so fret not!)

One useful command to remember is

cd .. which will bring us one level up the directory tree i.e. from our current folder to the parent folder.

4. Command: `pwd`

• Short for: Print working directory
• Purpose: Running the pwd command on the terminal will output the full path to your current location on the filesystem, as shown in the image below:

5. Command: `ls`

• Short for: list
• Purpose: lists all the files and directories under a specified directory. By default, ls uses the current directory and lists files and directories in alphabetical order by name
• Building upon the idea of relative file paths, say we are in our current directory test-folder but we want to see the files in another directory.

let’s run ls to see what is in here

Say we want to know what is inside sub-folder without having to cd into it. We can do this by using ls sub-folder

This can come in handy when we interact with more complex file systems!

Command Parameters

I will be using the ls command as an example to illustrate the usage of command parameters. Where a command tells the computer to perform a task, parameters essentially provide specifications on how to do so. These parameters or flags change how the command works.

We add the flag by either

• short options: using a single hyphen character (-) followed by a single character flag (or multiple single-chaacter flags combined into one string)
• long options: using two hyphen characters ( — ) followed by a word

We can use the command we just learned man to get the manual for ls and see what flags/parameters/options are available.

I’ve taken two screenshots of the options available because there are so many. Do note that the flags have uppercase and lowercase variations because the linux command-line is case-sensitive.

Within these options, I’m going to zero-in on the ones I use the most for the lscommand

`ls -l`

• The lowercase letter “ell”.
• List files in the long format

From the man ls / ls manual

The `-l` flag description from the `ls` manual

The Long Format as described by the ‘ls — list directory contents’ manual

• This shows a lot more information presented to the user than the standard command which only displays the filenames in that directory

Here is an example of the information provided by the ‘long’ form.

As mentioned previously, we can actually chain multiple single-character flags in one string after using the single-hyphen (-). Let’s have a go!

`ls -a`

• Purpose: shows hidden files
• Include directory entries whose names begin with a dot (‘_._’).

The Description for the `-a` flag for the `ls` command

But what if we want to hit two birds with one stone ? Great news! We can do just that.

`ls -la`

• Purpose: list all files in your current directory in longlist format, including hidden files.
• By using this flag, we can see many hidden folders and files begin with the dot such as `.ssh`

A comparison of the `ls` outputs with the different flags

Conclusion

The Command-Line is not nearly as daunting as it is made out to be. It is definitely different from using a GUI but this skill will prove to be increasingly valuable the more comfortable you become with it. In my work, I use it for log analysis, file-editing, as well as when using git. I hope this post has demystified this utility just a little bit for you. As we have barely scratched the surface, I will be writing a few more posts to cover the following commands:

• cat
• echo
• chmod [permissions] [file]
• sudo
• su
• find
• grep **
• sort
• uniq
• wc
• touch

** grep is a powerful command-line utility that has many applications and will likely warrant its own blog post. In this post, I will keep it fairly high-level.