Skip to content

Linux Fundamentals

Unix is an operating system developed by Bell Labs. Basically, it works on a command-line interface, and is designed for large systems. This operating system is not free, but it is proprietary and portable. Linux is a Unix clone developed by Linus Torvalds in 1991. It is open source, and you can use it in anything that has a processor. Linux is flexible, and you can modify and implement it as it is licensed under a GNU General Public License (GPL).

Linux commands

In every Linux host, there are command-line interfaces named shells that interpret and execute typed commands and scripts. There are many shell environments, such as Bourne Again Shell (Bash, which is the most common shell), C shell (csh), Korn shell (ksh), and so on. To find the shells available for your environment, just open the command-line interface and type cat /etc/shells:

Some vital basic Linux commands from the shell:

  • pwd: To know which directory you are in
  • ls: To list files in a directory
  • cd: To enter a directory
  • mkdir: To create a new directory
  • rmdir: To remove a directory
  • touch: To create a new file
  • cat: To read a file
  • cp: To copy a file
  • mv: To move a file
  • man: To be shown how to use a command

Linux is case-sensitive (to give users many command option possibilities -T, – t, -a, – A, and so on), so you need to check how you are writing every command.

As a penetration tester, there are multiple important commands that you need to know in order to test the security posture of a Linux infrastructure:

  • hostname: Information about the host
  • cat /proc/version: Kernel information
  • uname -r: Kernel release
  • uname -a: More detailed information about the system
  • cat /proc/cpuinfo: Reads information about the processor
  • echo $PATH: Display information about the PATH variable
  • history: Display command history


Linux is provided with input/output redirection capabilities to facilitate tasks. It gives you the ability to manipulate the I/O streams using the following three types of streams:

  • Standard input (stdin): In this stream, the input is taken from the keyboard
  • Standard output (stdout): This stream displays the result directly on the screen
  • Standard error (stderr): This is another type of standard output stream, but it carries error information instead of showing the output on the screen


Redirection is another Linux capability to enhance productivity. You can redirect the stream using simple symbols. You can redirect the output of a command to a text file using >, or >> if you want to append the file and not overwrite it; for example, ls >  Simple_file.txt.

Also, if you want to redirect a stream from one command to another, it is recommended to use the pipes like the following line, which lists the first two files in the current directory, ls | head -2:

Linux directory structure

There is a standard structure for Linux directories. According to Linux, generally, everything is a file, even directories and devices. In order to work properly, Linux manages these files in a specific way under a hierarchical design:

  • /root: All the files and directories start from this directory
  • /home: Contains personal files of all users
  • /bin: Contains all the binaries (executables)
  • /sbin: Like /bin, but it contains the system binaries
  • /lib: Contains required library files
  • /usr: Contains binaries used by a normal user
  • /opt: Contains optional add-on applications
  • /etc: Contains all the required configuration files for the programs
  • /dev: Contains device files
  • /media: Contains files of temporary removable devices
  • /mnt: Contains mount point for filesystems
  • /boot: Contains boot loader files
  • /tmp: Contains temporary files
  • /var: Contains variable files, such as logs
  • /proc: Contains information about the system processes:

There are many types of file in Linux operation systems. Each file is represented by a specific symbol—directories, regular files, and sockets, which are communication techniques between applications. 

Users and groups

The following subsection will cover the required Linux commands to manage user accounts and groups. To create a new user, use the useradd command; for example, useradd .

Also, you are capable of adding more information about the new user, such as the related shell, the user directory, and expiration date:

useradd -d

useradd -e

useradd -s

Every user must have a password, and in order to change the password, they need root access. To change a user password, use the passwd command, as follows:


$ passwd

Changing password for user1

(current) UNIX password:

Enter new UNIX password:

Retype new UNIX password:

passwd: password updated successfully

To remove a user, use the userdel command. For example, userdel -r , where the -r option is added to delete the files of the selected user.

Using groups is a technique for managing Linux accounts. Organizing users into groups is a security measure, and an isolation approach. To list all the groups in a Linux system, show the group file in the /etc directory using the cat command.

The group file contains all the groups in your Linux system. Just type cat /etc/group:

To create a new group, use the newgrp command newgrp .


Linux is a multiuser operating system. To protect user accounts and groups, different rights are given to each user and group. There are three main permissions in a Linux system: read, write, and execution. These can be described as follows:

  • Read is the ability to view a file and list the content if the target is a directory. It is represented by the letter (r).
  • Write allows a user to modify certain files and contents of a directory. It is represented by the letter (w).
  • Execute allows a user to run a script or a program and change directories. It is represented by the letter (x).

There are three types of permissions as follows:

  • Set User Identification (SUID): When SUID is set, the file will be executed with the same permission as the user.
  • Set Group ID (SGID): It is the same as SUID, but the file will be executed with the same permission as the group.
  • Sticky Bit: This permission is used when you can create, modify, or execute, but you can’t delete files of another user. Generally used on shared libraries.

The chmod command

To change the permissions of a file, you need to use the chmod command, chmod . You can also use an octal format instead of letters, chmod . To convert the permission from the letters format to the octal format, you need to convert every permission into a value:


Now, let’s take an example and see how to use the chmod command with the octal format in an easy way. Let’s suppose that we need to give the user the permission to read and write, the group only to read, and others only to execute. Then, the octal format will be 641, because:

  • UserRead + Write = 6
  • GroupRead = 4
  • OtherExecute = 1

The final command will be: chmod 641

The chown command

Now, to change the owner of a file, use the chown command chown user:group . To include all the contained files, add the option -R (recursive mode).

The chroot command 

chroot is a technique for separating a non-root process and its children from the other system components. This isolation is designed in the Linux operating system, to make sure that when a subsystem is compromised, it won’t affect the entire system. The idea is to make the process think that it runs in the root folder, but in fact, it will be in a directory created by the administrator. So, let’s take a look at the required steps to build a chroot jail: 

  1. First, you need to create a new user and name it; for example, hacksheets:
  2. Add the user to group root gpasswd -a hacksheets root
  3. You can check whether you added the new user by verifying /etc/group:
  4. Now create a new directory named chroot, and enter it
  5. Create these folders:bin, dev, etc, home, home/hacksheets, lib, var, usr, and usr/bin
  6. Here, at least the bin and lib directories are needed:
  7. Next, copy the bash utility using the cp command, cp /bin/bash /chroot/bin, including the required shared libraries:
  8. Finally, use the chroot command to build the jail chroot /chroot /bin/bash:

The power of the find command

In the previous chapter, we discovered the importance of knowing how to extract the right information from a huge amount of data. When you are dealing with Linux, knowing how to find and extract information will help you use time efficiently.

find is a very useful command to help users locate any file based on defined criteria. The format of the find command is as follows:

$ find

Wildcards are a great additional ability for helping users. They are inspired by the wild card term that describes the fact of assigning any value to a card. For example, when you use the asterisk wildcard (*) in a command, it means the * could be of any value such as the example here, to list all the text files in a directory:

Jobs, cron, and crontab

Linux gives users scheduling capabilities to run commands or scripts in a specific time, and in a repeatable manner. The cron utility is the key to achieve this. Cron gives the ability to run a background job as a routine in a defined time. The following is a cron command format:

All the cron jobs could be listed using crontab -l. They also could be found in /etc/crontab: