3.2. The Command Line
By "command line", we mean a text-based interface that allows you to enter commands, execute them, and view the results. You can run a terminal (a textual screen within the graphical desktop, or the text console itself outside of any graphical interface) and a command interpreter inside it (the shell).
3.2.1. How To Get a Command Line
When your system is working properly, the easiest way to access the command line is to run a terminal in your graphical desktop session.
Figure 3.1. Starting QTerminal
For instance, on a default Kali Linux system, QTerminal can be started from the list of favorite applications. You can also type "terminal" while in the applications menu (the one that gets activated when you move the mouse to the top-left corner) and click on the correct application icon that appears (Figure 3.1, "Starting QTerminal").
In the event that your graphical interface is broken, you can still get a command line on virtual consoles (up to six of them can be accessible through the six key combinations of CTRL+ALT+F1 through CTRL+ALT+F6 — the CTRL key can be omitted if you are already in text mode, outside of Xorg or Wayland's graphical interface). You get a very basic login screen where you enter your login and password before being granted access to the command line with its shell:
Kali GNU/Linux Rolling kali tty3 kali login: kali Password: Linux kali 5.7.0-kali1-amd64 #1 SMP Debian 5.7.6-1kali2 (2020-07-01) X86_64 The programs included with the Kali GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. kali@kali:~$
The program handling your input and executing your commands is called a shell (or a command-line interpreter). The default shell provided in Kali Linux is Bash (it stands for Bourne Again SHell). The trailing "$" or "#" character indicates that the shell is awaiting your input. It also indicates whether Bash recognizes you as a normal user (the former case with the dollar, $) or as a super user (the latter case with the hash, #).
3.2.2. Command Line Basics: Browsing the Directory Tree and Managing Files
This section only provides a brief overview of the covered commands, all of which have many options not described here, so please refer to the abundant documentation available in their respective manual pages. In penetration tests, you will most often receive shell access to a system after a successful exploit, rather than a graphical user interface. Proficiency with the command line is essential for your success as a security professional.
Once a session is open, the pwd command (which stands for print working directory) displays your current location in the filesystem. The current directory is changed with the cd directory command (cd is for change directory). When you don't specify the target directory, you are taken to your home directory. When you use cd - (dash), you go back to the former working directory (the one in use before the last cd call). The parent directory is always called .. (two dots), whereas the current directory is also known as . (one dot). The ls command allows listing the contents of a directory. If you don't provide parameters, ls operates on the current directory.
$ pwd /home/kali $ cd Desktop $ pwd /home/kali/Desktop $ cd . $ pwd /home/kali/Desktop $ cd .. $ pwd /home/kali $ ls Desktop Downloads Pictures Templates Documents Music Public Videos
You can create a new directory with mkdir directory, and remove an existing (empty) directory with rmdir directory. The mv command allows moving and renaming files and directories; removing a file is achieved with rm file, and copying a file is done with cp source-file target-file.
$ mkdir test $ ls Desktop Downloads Pictures Templates Videos Documents Music Public test $ mv test new $ ls Desktop Downloads new Public Videos Documents Music Pictures Templates $ rmdir new $ ls Desktop Downloads Pictures Templates Videos Documents Music Public
The shell executes each command by running the first program of the given name that it finds in a directory listed in the PATH environment variable. Most often, these programs are in /bin, /sbin, /usr/bin, or /usr/sbin. For example, the ls command is found in /bin/ls; the which command reports the location of a given executable. Sometimes the command is directly handled by the shell, in which case, it is called a shell built-in command (cd and pwd are among those); the type command lets you query the type of each command.
$ echo $PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $ which ls /bin/ls $ type rm rm is /bin/rm $ type cd cd is a shell builtin
Note the usage of the echo command, which simply displays a string on the terminal. In this case, it is used to print the contents of an environment variable since the shell automatically substitutes variables with their values before executing the command line.