The Command Line

3.2. The Command Line

By “command line”, we mean to a text-based interface that allows you to enter commands, execute them, and view the results. You can run terminal (a textual screen within the graphical desktop, or the text console itself outside of any graphical interface) and a command interpreter inside it (the shell).

3.2.1. How To Get a Command Line

When your system is working properly, the easiest way to access the command line is to run a terminal in your graphical desktop session. For instance, on a default Kali Linux system, GNOME Terminal can be started from the list of favorite applications. You can also type “terminal” while in the Activities screen (the one that gets activated when you move the mouse to the top-left corner) and click on the correct application icon that appears (Figure 3.1, “Starting GNOME Terminal”).


Figure 3.1. Starting GNOME Terminal

In the event that your graphical interface is broken, you can still get a command line on virtual consoles (up to six of them can be accessible through the six key combinations of CTRL+ALT+F1 through CTRL+ALT+F6 — the CTRL key can be omitted if you are already in text mode, outside of Xorg or Wayland’s graphical interface). You get a very basic login screen where you enter your login and password before being granted access to the command line with its shell:

The program handling your input and executing your commands is called a shell (or a command-line interpreter). The default shell provided in Kali Linux is Bash (it stands for Bourne Again Shell). The trailing “$” or “#” character indicates that the shell is awaiting your input. It also indicates whether Bash recognizes you as a normal user (the former case with the dollar) or as a super user (the latter case with the hash).

3.2.2. Command Line Basics: Browsing the Directory Tree and Managing Files

This section only provides a brief overview of the covered commands, all of which have many options not described here, so please refer to the abundant documentation available in their respective manual pages. In penetration tests, you will most often receive shell access to a system after a successful exploit, rather than a graphical user interface. Proficiency with the command line is essential for your success as a security professional.

Once a session is open, the pwd command (which stands for print working directory) displays your current location in the filesystem. The current directory is changed with the cd directory command (cd is for change directory). When you don’t specify the target directory, you are taken to your home directory. When you use cd -, you go back to the former working directory (the one in use before the last cd call). The parent directory is always called .. (two dots), whereas the current directory is also known as . (one dot). The ls command allows listing the contents of a directory. If you don’t provide parameters, ls operates on the current directory.

You can create a new directory with mkdir directory, and remove an existing (empty) directory with rmdir directory. The mv command allows moving and renaming files and directories; removing a file is achieved with rm file, and copying a file is done with cp source-file target-file.

The shell executes each command by running the first program of the given name that it finds in a directory listed in the PATH environment variable. Most often, these programs are in /bin, /sbin, /usr/bin, or /usr/sbin. For example, the ls command is found in /bin/ls; the which command reports the location of a given executable. Sometimes the command is directly handled by the shell, in which case, it is called a shell built-in command (cd and pwd are among those); the type command lets you query the type of each command.

Note the usage of the echo command, which simply displays a string on the terminal. In this case, it is used to print the contents of an environment variable since the shell automatically substitutes variables with their values before executing the command line.

Environment Variables

Environment variables allow storage of global settings for the shell or various other programs. They are contextual but inheritable. For example, each process has its own set of environment variables (they are contextual). Shells, like login shells, can declare variables, which will be passed down to other programs they execute (they are inheritable).

These variables can be defined system-wide in /etc/profile or per-user in ~/.profile but variables that are not specific to command line interpreters are better put in /etc/environment, since those variables will be injected into all user sessions thanks to a Pluggable Authentication Module (PAM) – even when no shell is executed.