Linux Command Line
Last updated
Last updated
The command line (aka "shell") is a powerful interface to a computer. Suppose we type a command cat flag:
Under the hood, Linux does the following things:
I told the shell to run the program cat with the argument flag.
The shell found the cat program file and launched it into a cat process with a flag argument.
cat is a program that outputs files. It reads the flag argument and knows to output the flag file, which contains "pwn_college{1337}".
A process is a running program.
A program is a file on your computer.
Files live in a file system.
Your web browser, your command line interpreter ("shell"), your text editor, all start out as files on the file system and become processes when they are executed.
Unlike Windows (which traditionally has different file systems at different anchor points C:\, D:\, E:\, etc.), Linux presents a unified file system view:
/
The "anchor" of the filesystem. Pronounced "root".
/usr
The Unix System Resource. Contains all the system files.
/usr/bin
Executable files for programs installed on the computer.
/usr/lib
Shared libraries for use by programs on the computer.
/usr/share
Program resources (icons, art assets, etc).
/etc
System configuration.
/var
Logs, caches, etc.
/home
User-owned data.
/home/ctf
Data owned by you in the pwn.college infrastructure.
/proc
Runtime process data.
/tmp
Temporary data storage.
Absolute paths start with /, such as /usr, /home/yans/flags/TOPSECRET, etc.
Relative paths don't start with /, and are relative to the current working directory.
In the command cat flag, how does Linux know where cat is? The answer is the $PATH environmental variable.
"Environment variables" are a set of Key/Value pairs passed into every process when it is launched. Critical variables:
$PATH: a list of directories to search for programs in.
$PWD: the current working directory (same as the pwd command)
$HOME: the path to your home directory
$HOSTNAME: the name of your system
You can print environment variables with the env command, and set them with export:
If you're curious about what program file ends up becoming your cat process after it's found using the $PATH variable, use which.
Examine /home/yans/flags:
- is a regular file
d is a directory (yes, directories are actually just special files!)
l is a symbolic link (a file that transparently points to another file or directory)
p is a named pipe (also known as a FIFO. You will get very familiar with these this module!)
c is a character device file (i.e., backed by a hardware device that produces or receives data streams, such as a microphone)
b is a block device file (i.e., backed by a hardware device that stores and loads blocks of data, such as a hard drive)
s is a unix socket (essentially a local network connection encapsulated in a file)
A symbolic/soft link is a special type of file that references another file. They are created ln -s (-s stands for symbolic):
You can also link directories:
Beware: Symbolic links to relative paths are relative to the directory containing the link!
A hard link (created with ln without the -s argument) is a direct reference to a file via its inode. You can also only hardlink files and not directories.
The inode is a database that describes the file/directory attributes such as metadata and the physical location on the hard drive. They are essentially the numerical equivalent of a full address. With an inode, the OS can retrieve information about the file such as permission privileges and the physical location of the data on the hard drive to access the file. Should a file be moved from one folder to another, the file will be moved to a different location on the hard drive and its inode value will change with it automatically.
A hard link is an equally "valid" reference to the original file as the original file itself. It is a file that happens to be backed by the same data as the original.
Pipes facilitate a unidirectional flow of information. There are two types of pipes:
Unnamed pipes, ethereal channels of information between processes. Most commonly used to direct data from one command to another.
Named pipes, also known as FIFOs, created using the mkfifo command. Also used to help facilitate data flow in certain situations.
Command output can be redirected to files, and command input can be provided from files.
<in_file
Redirect in_file into the command's input
>out_file
Redirect the command's output into out_file, overwriting it
>>out_file
Redirect the command's output into out_file, appending to it
2>error_file
Redirect the command's errors into error_file, overwriting it
2>>error_file
Redirect the command's errors into error_file, appending to it
Input and Output Redirection
