Well, I've been learning some useful things I previously didn't know about, so I thought I'd take a moment and post some useful things you can do at the command line.
See who's logged in and what they're doing with the "w" command;
~ $ w
00:41:06 up 1 day, 1:13, 8 users, load average: 1.57, 1.14, 1.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
pathogen pts/0 :0.0 Sun23 2:27m 57.59s 3:26 /usr/bin/python
pathogen pts/1 :0.0 Mon00 23:08m 0.29s 0.29s /bin/bash
pathogen pts/2 :0.0 Mon00 23:59m 35.86s 0.27s /bin/bash
pathogen pts/3 :0.0 Mon01 22:41m 4.50s 4.25s polipo
pathogen pts/4 :0.0 Mon02 1:42 44.25s 3:26 /usr/bin/python
pathogen pts/5 :0.0 23:32 0.00s 0.27s 0.01s w
pathogen pts/6 :0.0 23:34 57:46 0.48s 0.48s bash
pathogen pts/7 :0.0 23:44 56:24 0.28s 0.28s /bin/bash
The next command is the "tail" command, which we used with arpwatch in a previous post. This command reads the last 10 lines (or more) of a file or of piped data and displays them in the terminal. This is nice if you want to watch logfiles, for example; the "-f" option keeps the file open and prints new lines as they are appended.
tail -f /var/log/syslog
Another good command line tool is "top", which displays processor and process statistics in real time.
Next is an extremely handy command - man - which is short for manual and is used to display in-depth information about a given command, or to search for manuals containing a keyword. For example, the command "man ascii" returns a rather detailed ASCII chart - which we all know can be a lifesaver. You can search for manuals containing a keyword like so;
~ $ man -k irc
aircrack-ng (1) - a 802.11 WEP / WPA-PSK key cracker
airodump-ng (1) - a wireless packet capture tool for aircrack-ng
airtun-ng (1) - a virtual tunnel interface creator for aircrack-ng
queue (3) - implementations of lists, tail queues, and circular queues
dir_colors (5) - configuration file for dircolors(1)
dircolors (1) - color setup for ls
irssi (1) - a modular IRC client for UNIX
xchat (1) - IRC client for X similar to AmIRC
XCirculateEvent (3) - CirculateNotify event structure
XCirculateRequestEvent (3) - CirculateRequest event structure
XCirculateSubwindows (3) - change window stacking order
XCirculateSubwindowsDown (3) - change window stacking order
XCirculateSubwindowsUp (3) - change window stacking order
This one is more of a tip - autocompleting a command or directory using "TAB". If there's only one option then it autocompletes when you hit tab, otherwise it shows the possibilities. For example, hitting "TAB" when I have net typed in the shell will return this;
~ $ net
net netcat netkit-ftp net.samba3 netscsid netstat
And hitting tab with /var/ typed will show me the existing directories in /var/, but if I hit "TAB" with "/var/r" then it will autocomplete it to "/var/run" because there's only one option.
This next command is "cat", which concatenates a file and displays it in the terminal. For example if we wanted to read the text file "hakhub" we could just use "cat";
~ $ cat hakhub
Is effin awesome.
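You can also string commands together using the ";" operator, like we have with the IP parser and nmap. For example, we can make a new directory and then copy our "hakhub" textfile to it. We will "cat" it at the end to verify it's there. Note that ";" runs each command regardless of whether the previous one succeeded; use "&&" instead if a later command should only run when the earlier one worked.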
mkdir learning; cp hakhub /root/learning/;cat /root/learning/hakhub
Another useful command is "ln", which creates a link to a given file. For example, we will make a symbolic link in the learning directory we created to the "hakhub" textfile in our root directory. The target is given as an absolute path, because a relative symlink target is resolved from the directory that contains the link, not from the directory where "ln" was run. We will issue this command;
ln -s /root/hakhub /root/learning/stuff
There's now a file in our learning directory which links back to our hakhub textfile, so if we were to cat the "stuff" link it would display its contents just as before. So this could be useful to create links to tools located in various directories.
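A symlink stores its target string verbatim, and a relative target is resolved from the directory that holds the link, not from where "ln" was run. The following is an added example, not from the original post; the temporary directory and the link names are constructed for illustration, while "hakhub" and "learning" mirror the post:

```shell
#!/bin/sh
# Added example: how relative and absolute symlink targets resolve.
# Everything happens in a throwaway directory created with mktemp.

# Prints the content the link leads to, or "DANGLING" if the target is missing.
read_link() {
    if [ -e "$1" ]; then cat "$1"; else echo "DANGLING"; fi
}

# Builds the layout from the post under $1: home/hakhub and home/learning/.
setup_demo() {
    mkdir -p "$1/home/learning"
    echo "original" > "$1/home/hakhub"
}

# Creates three links inside learning/, run from home/ as the post assumes.
make_links() {
    ( cd "$1/home" || exit 1
      ln -s hakhub learning/relative             # stored verbatim as "hakhub"
      ln -s ../hakhub learning/parent_relative   # relative to the link's directory
      ln -s "$1/home/hakhub" learning/absolute ) # independent of the link's location
}

demo=$(mktemp -d)
setup_demo "$demo"
make_links "$demo"

echo "relative:          $(read_link "$demo/home/learning/relative")"
echo "parent_relative:   $(read_link "$demo/home/learning/parent_relative")"
echo "absolute:          $(read_link "$demo/home/learning/absolute")"

# Once a copy exists in learning/ (as after the post's cp step), the relative
# link silently resolves to the copy rather than to the original file.
echo "copy" > "$demo/home/learning/hakhub"
echo "relative after cp: $(read_link "$demo/home/learning/relative")"
rm -rf "$demo"
```

Running "readlink" on a link prints the stored target string, which is a quick way to check what a link really points at before relying on it.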
The next useful shell command is "screen", which I use to easily switch between various shells in one window (using CTRL A);
“Screen is a full-screen window manager that multiplexes a physical terminal between several processes (typically interactive shells).”
This next one is "df", which stands for diskfree. Very basic but still nice to know if you have multiple drives or usb's up the yingyang.
~ $ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 237431480 51512296 173858308 23% /
none 501520 316 501204 1% /dev
none 508544 284 508260 1% /dev/shm
none 508544 112 508432 1% /var/run
none 508544 0 508544 0% /var/lock
none 508544 0 508544 0% /lib/init/rw
none 237431480 51512296 173858308 23% /var/lib/ureadahead/debugfs
/dev/sdd1 1965696 637664 1328032 33% /media/SD Card
/dev/sdc1 1930464 1291072 639392 67% /media/disk-1
Next is "wget", which is a utility for non-interactive download of files from the internet. It supports HTTP, HTTPS and FTP, and can work through proxies. It can be used in a variety of ways; for example, it can be used with conky via bash scripts. Backtrack 4 uses a wget bash script to check the external IP and display it in conky. The possibilities are endless; that's just one example.
Another great tool that's simple yet has a ton of possible uses when coupled with other tools is grep. This tool is based around regular expressions and is used to search files for text. For example, this command would look for
This next tool is links2, a console-based text web browser which is extremely lightweight, as you could imagine. There are others like it, such as lynx, but I prefer links2 myself. You can use it by typing links2 in your console, then pressing "g" and entering the URL. You can use links2 with a proxy like so;
links2 -http-proxy 127.0.0.1:9050
or to run it with a graphical interface, you can add a "-g"
links2 -g -http-proxy 127.0.0.1:9050