LAB #7 Linux Tutorial

Gathering information: Find the password file on a Linux box

Scenario
  You have access to a Linux computer. You must find the password file on the computer.

Objective
  Get a listing of the users found in the password file on a Linux box, and turn the list in as Lab #7. (Ignore the non-user information, which makes up 90% of the file.)
  (Actually, the real objective is to brush up on your use of Linux commands.)

Computer Network Security

The all-powerful user under Windows is Administrator, or any user with admin privileges.
  An attacker wants admin privileges.
The all-powerful user under Linux is root.
  An attacker wants root privileges.
  Only root has root privileges; no other users do.

Linux prompts (important!):
  $ = normal user
  # = root

  root     account: superuser
  /        top-level directory
  /root    root user's home directory

Boot to Linux (Knoppix, BackTrack, Ubuntu)
  Use one of the Linux CD distributions (aka distros)
  Press <Enter> when you get the Boot: prompt
  Open a terminal window (console)
  The up/down arrow keys access command history
  Learn the CLI (Command Line Interface)

This lab provides a brief overview of some basic features in Linux, intended for those who have not used it (and who should be pitied, not scorned).

Directories (Folders)
  [Figure: the Windows directory structure and the Linux directory structure, with the "Password files" location labelled]
  Note: Distros may vary somewhat from this structure.

Navigating the directory structure
You can move:
  Down the directory structure
  Up the directory structure
  Across the directory structure

Enter the following ($ is the normal user prompt):
  $ cd /        cd (change directory); the forward slash took us to the top of the tree
  $ pwd         print working directory (where am I?)
  $ ls          list files/directories
  $ ls -al      list all in a long format

Continued (you're still at the top of the directory structure)
  $ cd home
  $ ls            view the users' directories
  $ cd knoppix    move to knoppix's (or a user's) directory
  $ ls -al        view knoppix's directories and files

Continued (you're in /home/knoppix)
  $ cd root             oops! no /root dir under /home/knoppix!
  $ cd /root            go directly to /root from /home/knoppix
  $ ls /home/knoppix    view a remote dir w/o going there
  $ cd ..               move up one level (space after d required)

Don't re-type previous commands; use the arrow keys!

Tab completion: type part of a file/directory name, then hit <tab>. Handy when names are long.
  $ cd /ro<tab>    ro expands to root!

Wildcards (can be used with any command)
  * = zero or more characters; ? = exactly one character
  $ cd /etc        /etc is an important folder
  $ ls *.conf      configuration files
  $ ls *.c??       list all .c?? files (2 chars after c)

Finding files (e.g. the passwd file or flags)
  $ cd /                     start at top
  $ find / -name passwd      find passwd file

Continued (you're at the top of the directory structure)
  $ cd etc        move down to the /etc directory
  $ ls pass*      list all files that start with pass
  $ cat passwd    concatenate (that is, list the contents); cat is the Linux version of DOS's type
                  passwd shows all the user names, but no password hashes
  $ ls shad*      list all files that start with shad
  $ cat shadow    can't view the password file! Only root can!

The passwd file lists users, including the user root.
The shadow file lists users and their password hashes.
Understand the concept of relative vs absolute movement.

Continued (you're in /etc)
  $ su                   switch user (root is default)
  #                      the prompt changes for root
  # cat shadow           now you can view the password file!
  # cat shadow | less    view it a page at a time

Press <space> to view the next page, q to quit.
<up-arrow> for previous command.
If there is no root password there will not be a hash.
Note: Ubuntu uses sudo instead of a root account. The BackTrack root password is toor.

Continued (assumes Knoppix)
  # passwd root          give root a simple password; confirm the new password
  <up-arrow> for next command, then <Enter>
  # cat shadow | less    now there is a hash for root

When a password cracker guesses a password (either a word taken from a dictionary or just a random set of characters), it hashes that password and then compares the hash with the hash stored in the password file. If they match, the password has been successfully guessed! Remember, a hash is just the result of a mathematical operation done on the numerical equivalent of a password.
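An added example (not part of the original lab): a read-only audit over passwd- and shadow-format text that lists the login accounts and flags any account whose hash field is empty, the "no password, no hash" condition noted above. The sample data is constructed, and the UID threshold of 1000 and the nologin/false shell filter are assumptions that vary by distro.

```shell
#!/bin/sh
# Constructed sample data in passwd(5) / shadow(5) layout; not from a real system.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
knoppix:x:1000:1000:Knoppix User:/home/knoppix:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash'

# Hash strings below are placeholders, not real hashes.
SAMPLE_SHADOW='root::19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
sshd:!:19000:0:99999:7:::
knoppix:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH2:19000:0:99999:7:::'

# list_login_users PASSWD_TEXT [MIN_UID]
# Prints root plus every account with UID >= MIN_UID (assumed default 1000)
# whose login shell (field 7) is not nologin or false.
list_login_users() {
    printf '%s\n' "$1" | awk -F: -v min="${2:-1000}" '
        ($3 == 0 || $3 >= min) && $7 !~ /(nologin|false)$/ { print $1 }'
}

# empty_password_accounts SHADOW_TEXT
# Field 2 of a shadow line is the password hash. "*" or "!" marks an account
# that cannot log in with a password; an EMPTY field means no password is set.
empty_password_accounts() {
    printf '%s\n' "$1" | awk -F: '$2 == "" { print $1 }'
}

echo "Login accounts:"
list_login_users "$SAMPLE_PASSWD"
echo "Accounts with an empty password field:"
empty_password_accounts "$SAMPLE_SHADOW"
```

On a live system the same functions can be fed `"$(cat /etc/passwd)"` and, as root, `"$(cat /etc/shadow)"`.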

Enter this sequence of commonly used commands:
  # cd /root         go to root's home directory
  # mkdir test       make a new directory under /root
  # cd test          move to new directory
  # pwd              you're in /root/test
  # echo Hello Linux World. > file1
                     creates a new file called file1 and writes the message into the file
  # cat file1        view the contents of file1
  # rm file1         remove (delete) file1
  # cd ..            go up to /root
  # rmdir test       remove test directory

Continued
  # cat /etc/shadow     one more time
  # cat /etc/shadow     Linux is case sensitive
  # cd ~                go home (/root)
  # pwd                 list present working directory
  # ls                  nothing here
  # cp /etc/shadow .    copy password file here (.)
  # ls                  there it is - shadow!
  # su knoppix          switch to knoppix user
  $ ls                  $ = you're a normal user
  $ cat shadow          you don't have the right!

Note: Both cp and mv (move file) overwrite existing files without warning you!

File permissions: dooogggwww = permissions
  d: directory
  o = owner
  g = group
  w = world

  r = file can be read
  w = file can be written
  x = file can be executed

Example: -rwxr-x--x
Meaning:
  This is a file, not a directory (no d)
  File's owner can read, write, execute
  Owner's group can read and execute
  The world (everyone) can execute only

  # cd /etc           if not already there, move to /etc
  # ls -l passwd      list passwd; note permissions
  # ls -l shadow      list shadow; note permissions

Do you see the difference between passwd and shadow? World can read passwd, but not shadow.

Set user/group ID
In addition to the basic permissions shown earlier:

SUID or setuid: change user ID on execution. If the setuid bit is set, then when the file is executed by a user, the process has the same rights as the owner of the file being executed. If set, it replaces "x" in the owner permissions with "s" if the owner has execute permission, or with "S" otherwise.
  -rws------    both owner execute and SUID are set
  -r-S------    SUID is set; owner execute is not set

SGID or setgid: change group ID on execution. Same as above, but the process inherits the rights of the group of the owner of the file on execution. For directories, it indicates that a new file created in the directory will inherit the group of the directory (and not of the user who created the file).
  -rwxrws---    both group execute and SGID are set
  -rwxr-S---    SGID is set; group execute is not set
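An added example (not from the original slides): a shell decoder that turns an ls -l permission string into its four-digit octal mode, treating "s" as execute plus the special bit and "S" as the special bit alone, as the two permission slides above describe. The function names are hypothetical, the sticky-bit (t/T) case goes beyond what the slides cover, and the passwd/shadow mode strings are typical constructed values, not output from a lab machine.

```shell
#!/bin/sh
# perm_to_octal MODE
# MODE is the 10-character string from "ls -l", e.g. -rwxr-x--x.
# Prints the octal mode with the special-bits digit first, e.g. 0751.
perm_to_octal() {
    mode=$1
    [ "${#mode}" -eq 10 ] || { echo "bad mode string: $mode" >&2; return 1; }
    special=0; digits=""; start=2      # position 1 is the file type (d or -)
    for weight in 4 2 1; do            # setuid=4, setgid=2, sticky=1
        r=$(printf '%s' "$mode" | cut -c"$start")
        w=$(printf '%s' "$mode" | cut -c"$((start + 1))")
        x=$(printf '%s' "$mode" | cut -c"$((start + 2))")
        d=0
        [ "$r" = r ] && d=$((d + 4))
        [ "$w" = w ] && d=$((d + 2))
        case $x in
            x)   d=$((d + 1)) ;;                                  # execute only
            s|t) d=$((d + 1)); special=$((special + weight)) ;;   # execute + special bit
            S|T) special=$((special + weight)) ;;                 # special bit, no execute
        esac
        digits="$digits$d"
        start=$((start + 3))
    done
    printf '%s%s\n' "$special" "$digits"
}

# world_can_read MODE: succeeds when the world triplet grants read.
world_can_read() {
    [ "$(printf '%s' "$1" | cut -c8)" = r ]
}

# The slides' examples, then typical (constructed) modes for passwd and shadow.
for m in -rwxr-x--x -rws------ -r-S------ -rwxrws--- -rwxr-S---; do
    echo "$m -> $(perm_to_octal "$m")"
done
for f in "passwd -rw-r--r--" "shadow -rw-r-----"; do
    set -- $f
    if world_can_read "$2"; then echo "$1: world-readable"; else echo "$1: not world-readable"; fi
done
```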

The ps command (process status)
  # ps                 process status: running programs (same as Windows Task Manager)
                       PID (process ID) listed in left column
  # ps -A              list All processes
  # ps -A | less       pipe the list to less; q to quit
  # ps -ef  or  ps ax  compare and contrast

You can shut down a process using the kill command (use ps to get pids):
  # kill 2020          2020 = the pid (process ID); does a clean kill (closes open files)
  # kill -9 2020       add -9 to kill for sure
  # kill -HUP 2020     kill then restart process

grep
grep is a string-search utility. sshd is the string we're looking for in this example.
  # ps -A | grep sshd     pipe the ps list to grep; SSH daemon (sshd) running? No
  # ps -A | grep tty      any process names with tty?
  # ps -A | grep bash     how about bash?

Networking commands
  # ifconfig              interface information
  # ping 127.0.0.1        ping the target (Ctrl-c = quit)
  # netstat -an | less    list all interfaces; pipe to less

The man command
Short for manual -- documents Linux commands
  # man passwd    describe the passwd command

Press <space_bar> to scroll through pages
Press <Up> & <Dn> arrows to scroll 1 line
Press q to quit

Other examples:
  # man ls
  # man pwd
  # man man

Mounting and unmounting a CDROM:
  # mount /mnt/cdrom      mount a CDROM
  # umount /mnt/cdrom     un-mount a CDROM
  # eject                 open the cd tray

To copy files to a floppy (e.g. for offline cracking):
  # mount /mnt/floppy         mount the floppy drive
  # cp passwd /mnt/floppy     copy passwd
  # cp shadow /mnt/floppy     copy shadow
  # umount /mnt/floppy

Note: Commands may vary across distros

There are over 100 UNIX/Linux distributions available.
KDE and Gnome are popular desktop environments.

The following are used in the Network Security lab:
  Knoppix - default distribution used in lab (Live CD)
  Ubuntu - alternate lab distribution (Live CD)
  Back Track - security toolset (Live CD)
  Ophcrack - password cracker (Live CD)
  Solaris - (Intel and SPARC) attack surface
  Red Hat - attack surface

Other popular distributions include:
  OS X - Apple Mac
  Slackware - oldest maintained distribution
  BSD - a branch of UNIX

The Oak Ridge National Laboratory's Jaguar supercomputer. In November 2009 it was the world's fastest supercomputer. A Cray XT5, it runs on Linux, with 225k cores and a peak speed of 2.33 petaflops.