Understanding the Command Line

"Command Line Isn't Like the Movies" – The Reality of Hacking

In movies, you often see hackers breaking into systems using:

• 3D interfaces

• Animated countdowns

• Colorful graphics

In Real Life:

• 90%+ of hacking is done in text-only terminals

• You’ll usually not get access to full desktops (like RDP or VNC)

• Instead, you exploit a vulnerability and get a shell (command-line access)

Example:

You exploit a vulnerability and get a reverse shell:

nc -lvnp 4444  # Listen for a shell

Then the victim system connects back to you, giving you:

$ whoami
www-data
$ uname -a

No GUI. Just terminal commands.

---

Linux File System – What You Need to Know as a Hacker

Understanding the Linux file system is critical in pentesting, because after gaining shell access, you need to:

• Look for flags

• Extract credentials

• Pivot to other users or systems

Common Directories Explained:

Path	Description & Why It Matters
/root	Home of the root user – check here for flags or secrets
/home	Contains regular users’ folders (e.g. /home/bob) – look for .ssh keys, history, passwords
/etc	Holds config files like passwd (usernames) and shadow (password hashes)
/bin & /sbin	System commands like ls, rm, ifconfig, iptables – often used for privilege escalation
/usr	Holds extra software (user-installed) – look here if something custom is installed
/var	Web servers like Apache store files here (/var/www/html) – look for webshells or uploads
/tmp	Temp files – sometimes reverse shells or scripts are stored here
/dev	Device files – usually not useful unless you're exploiting the kernel
/proc	Runtime info about processes – great for manual process inspection
/mnt	If other drives are mounted, check here
/boot	Kernel-related stuff – usually not touched in most CTFs or basic pentests

---

Linux Basics You Must Know for Pentesting

$ vs # Prompt

• $ = you're a non-root user

• # = you're root (admin of the system)

Default Shell in Kali

• Older: bash

• Newer: zsh with syntax highlighting, autocomplete

Use chsh -s /bin/bash to switch if you prefer bash.

---

Linux = Everything is a File

In Linux:

• Text files are files

• Directories are files

• Devices (USB, disk) are files (/dev/sda)

• Processes are files (/proc/[pid])

• Sockets and pipes are also file-like

How to inspect unknown things:

Use:

file <filename>

Example:

file payload.bin

---

Essential Help Commands

Command	What It Does
man ls	Opens the manual page for ls
nmap -h	Shows help/syntax for the command
--help	A common flag for quick help: python3 --help

---

Navigation & Shortcuts

Command	Meaning
cd	Change directory
cd ..	Move up one directory
cd .	Stay in the current directory
pwd	Show present working directory
ls -la	List all files, including hidden ones (. files)
history	Show all previously used commands

🔹 TIP: Use TAB to autocomplete and ↑ to recall last commands.

---

Creating, Editing, and Managing Files

File/Folder Creation

Command	Example
touch	touch notes.txt – Creates an empty file
mkdir	mkdir exploits – Makes a new folder
cat > file.txt	Starts writing a file – press Ctrl+D to save

---

File/Folder Deletion & Copying

Command	Function
rm file.txt	Remove a file
rmdir folder	Remove an empty directory
rm -r folder	Remove a folder and everything inside
cp file1 file2	Copy a file
mv file1 file2	Move or rename a file

---

Real-World Pentesting Examples:

After Shell Access:

• cd /home → Check users

• ls -la → Look for hidden files

• cat .bash_history → Find reused passwords

• cd /etc → View passwd and shadow

• cat /etc/shadow (if root) → Dump password hashes

• grep -i password /var/www/html/* → Look for hardcoded credentials in web files

---

Summary for Learners

Topic	Must-Know
CLI	You'll use the terminal 90% of the time
File System	Learn where sensitive data is stored
Permissions	Understand $ vs # and when to sudo
Navigation	Practice with cd, ls, touch, cat, history
Help	Use man, --help, file, and TAB to learn faster