Install Metasploit and Linux commands in Ubuntu

① Download the Linux installation package under Metasploit and copy it to the/opt directory of similar. ② Run the command "chmod + x/opt/framework-linux-4.0.0.run" under Terminal ③ run the command "sudo/opt/framework-linux-4.0.0.run" under Terminal, select the installation directory for installation. ④ Upgrade Metasploit to the latest version and run the command "sudo

① Download the Linux installation package under Metasploit and copy it to the/opt directory of similar.

② Run the command "chmod + x/opt/framework-linux-4.0.0.run" under Terminal"

③ Run the command "sudo/opt/framework-linux-4.0.0.run" under Terminal and select the installation directory for installation.

④ Upgrade Metasploit to the latest version and run the command "sudo svn update/opt/framework4.0.0/msf3 /".

Some Common commands in Linux:

Linux commands

Command set

Linux Command set

1. Document and directory operation commands

1.1 document content query commands grep, fgrep, and egrep

Syntax: grep [Option] [search mode] [document name 1, document name 2,…]

Option:-E each mode is treated as an extended regular expression.

-F each mode is treated as a set of fixed strings instead of regular expressions.

-I is case insensitive.

-L display the document names of the first matching string and separate them with line breaks. When a matching string appears multiple times in the document, the document name is not displayed repeatedly;

-X only displays the rows that match the entire row.

1.2 find, locate

Syntax: find start Directory Search Condition operation

Search by name and document attributes

-Name 'string': searches for any document that matches the document name. Wildcards * And? are available in the string *,? , [].

-Lname 'string': searches for any symbolic link document that matches the document name. Wildcards * And? are available in the string *,? , [].

-Gid n is used to search for any documents belonging to the user group with ID n.

-Uid n: search for any document of a user whose ID number is n.

-The group 'string' is used to find any document that belongs to the string given by the user group name.

-User 'string': searches for any document that belongs to the string given by the user name.

-Path 'string': searches for any document with a path name matching the given string. Wildcards *,? , [].

-Perm permission: searches for documents and directories with the specified permissions. The permissions indicate 711 and 644.

-Type x: search for documents whose type is x,

Syntax: locate

1.3 copy, delete, and move command Document Copy command cp

[Option] source document or directory target document or directory

Option:

-A is usually used to copy directories.

-D the connection is retained during copy.

-F delete an existing target document without prompting

-I and f options are opposite

-P in addition to copying the content of the source document, cp also copies the modified time and access permissions to the new document.

-If the source document given by r is a directory document, cp will recursively copy any subdirectories and documents under the directory. In this case, the target document must be a directory name;

-L do not copy, just link the document

Document mobile command mv

[Option] source document or directory target document or directory

-I interactive operations

-F disable interactive operations

Document deletion command rm

[Option] documentation...

-F ignore non-existent documents and never give a prompt

-R indicates that rm recursively deletes all directories and subdirectories listed in the parameter.

-I interactive Deletion

1.4 document link command ln

[Option] target [Link name] or ln [Option] target directory

Option:-s creates a symbolic link.

1.5 Directory Creation and deletion commands

Create a directory using mkdir

Syntax: mkdir [Option] dirname

Option:-m configures the access permission for the new directory.

-P can be a path name. If some directories in the path do not exist, after this option is added, the system automatically creates those directories that do not exist, that is, multiple directories can be created at a time.

Rmdir Delete empty directory

Syntax: rmdir [Option] dirname

Option:-p recursively deletes the directory dirname. When the subdirectory is deleted and its parent directory is empty, it is also deleted.

1.6 change the working directory and display the directory content command

1. Change the working directory: cd [directory]

2. display the absolute path of the current working directory: pwd

3. Display directory content: ls [Option] [directory or document]

Option:

-A: displays any subdirectories and documents in the specified directory, including hidden documents;

-C sort by document modification time

-C: multiple columns are displayed.

-D if the parameter is a directory, only its name is displayed, but its document is not displayed.

-F mark "/" after the directory name, "*" after the executable document, "@" after the symbolic link, and "|" after the pipeline (or FIFO ", mark "=" after the socket document ".

-L detailed document information is displayed in long format

-L if the specified name is a symbolic link, the document to which the link is directed is displayed.

-T: The display is sorted by the modification time rather than the name.

-U indicates the last document access time rather than the name.

4. Change the access permission command of a document or directory

Chmod [who] [+ |-| =] [mode] Document Name?

Who option:

-Utable indicates the user, that is, any person in the document and directory.

-G indicates the same group of users.

-O (other) indicates other users

-A (all) indicates any user

Operation symbol:

+ Add a permission-cancel a permission

= Grant the given permission and cancel any other permissions (if any)

Mode option:

-R readable

-W writable

-X executable

Chgrp [-R] group filename? Change the directory or document Group

Chown [-Rv] user or group document

1.7 backup and compression commands

1. Run the tar command to create files for documents and directories.

Syntax: tar [main options + auxiliary options] document or directory

U main option

C. Create a new archive document. If you want to back up a directory or some documents, select this option.

R: append the document to be archived to the end of the archive document.

T list the content of the archive document and view which documents have been backed up;

U update document

X release a file from the file;

U auxiliary options

B. This option is set for the tape drive, followed by a digit to indicate the block size. The default value is 20.

F. This option is usually required when you use archive documents or devices.

K. Save the existing document. For example, if a document is restored, the same document will not be overwritten during restoration;

M sets the modification time of any document to the present when restoring the document;

M. Create multi-volume archive documents to store them on several disks;

V carefully report the document information processed by tar

W. confirmation is required for each step.

Z uses gzip to compress/decompress documents

2. gzip command compression/Decompression command

Syntax: gzip [Option] compressed (decompressed) Document Name

Option:-c writes the output to the standard output and retains the original document.

-D decompress the compressed file

-L detailed information of each compressed document is displayed

-R recursively searches for a specified directory and compresses any of the files or decompress them.

-T test and check whether the compressed document is complete

-V shows the document name and compression ratio for each compressed and decompressed document

3. unzip command

Use the Microsoft windows compression software winzip to compress the files in linux.

Syntax: unzip [Option] compressed document name. Zip

Option: Decompress the document in the-x document list, but does not include the specified file document.

-V: view the directory of the compressed file, but the file cannot be compressed.

-T whether the test document is damaged, but the pressure is not solved

-D directory: Decompress the compressed file to the specified directory

-Z only displays the annotation of the compressed document

-N does not overwrite existing documents

-O overwrites existing documents without user confirmation

-J. Do not recreate the directory structure of the document and decompress any document to the same directory.

1.8 run the doscommand in LINUX

Linux provides a set of portable tools called mtools, allowing users to easily read and write documents and directories from standard DOS floppy disks.

Change the MSDOS directory name in the mcd directory

The target document of the mcopy source document is copied between MSDOS and UNIX;

Mdel directory name Delete MSDOS directory

Display MSDOS directory by mdir directory name

Create an MSDOS document system on a low-level formatted floppy disk

Rnlabel drive letter generation MSDOS volume label

Mmd directory name Delete MSDOS directory

Mren source document target document rename the existing MSDOS document

The mtype Document Name displays the content of the MSDOS document.

2 device management commands

Linux defines an IDE hard disk in the following format:/dev/hd [drive] [partition]

The SCSI hard disk uses the same mechanism:/dev/sd [drive] [partition]

For LINUX partitions, mkfs can be used to format and generate a document system. The command is as follows:

Mk2fs-c

Mount-t ext2 [-o optioms] partition mountpiont

-T indicates the type of the specified file system.-o specifies some options, such as read-only ro and readable and writable rw. partition defines the partition name; mountpiont defines the name of the mounted directory in the document system.

Mount CD-ROM document system: mount-t iso9660-r/dev/cdrom/mnt/cdrom

Mount-t msdos-rw/dev/fd0/dev/mnt/floppy

Uninstall document system umount/mnt/cdrom

Pay attention to the following points when installing tape devices:

1. First select a unique scsi id and then link the device to the appropriate location.

2. Select the driver.

3,

Generate a device document. The main device Number of the SCSI tape device is 9, and the secondary device number is 0. Device document names are usually/dev/nrst0 (Tape devices that do not support rewinding) or/dev/nst0 (Tape devices that support rewinding)

Use ls/dev/* rst *

Check whether the tape device document exists. If not, use

Mknod-m 666/dev/nrst0 c 9 9

Mknod-m 666/dev/rst0 c9 0 generation

4. You can configure the block length, cache, tape density, and other parameters, such

Mt setblk 20: Specify the block length as 20

Mt setblk 0: the specified block level is unlimited.

5. Check the system startup information to determine whether the system recognizes new tape devices. Run the dmesg command to check whether the following similar information exists:

Aha274x: target 4now synchronous at 4.4 Mb/s

Vendor: TANDBERG Model: TDC 3800 Rev: = 05:

Type: Sequential-Access ansi scsi revision: 02

Detected scsi tape st0 at scsi0, id4, lun0

Scsi: detected 1 SCSI tape 1 SCSI crom 1 SCSI disk total

3 software package management commands

3.1 software installation steps

To install software on a LINUX system, follow these steps:

1. Find the source document for the software to be installed

2. Unpack the source document and place it in a directory. The command is as follows:

Tar zxvf Source Document Name>

3. Configure the source document for this operating system. It can be used to edit the make document or other documents, or it may be an automatic configuration tool that runs the software, such as./configure.

4. make source document, usually run the make command, that is, execute make

5. install the binary document and other supporting documents. Run the command: make install

6. Finally, complete any other necessary configurations.

3.2 software package management commands

Rpm-ivh Software Package>

// Install the specified software package and # indicates the installation progress during installation.

Rpm-Uvh Software Package>

// Update an existing or uninstalled software package and delete the old version of the software package.

Rpm-e

// Uninstall an rpm package

Rpm-qa

// View the software packages installed in the system

Rpm-q Software Package>

// View the version number of a software package in the system;

Rpm-qlp Software Package>

// List any documents in a software package

Rpm-qf Software Package>

// Find the software package of a document

4 common LINUX commands

4.1 system management-related commands

Wall (Write All)

Send information to all logged-on users. The user can first write the information to be sent and store it in a document, and then enter: # wall example: wall' Thank you! '

Write

Sends a message to a user.

Write xxq

Hello

Enter Ctrl + C to terminate

Shutdown command

Shutdown [Option] [time] [Warning Information]

-K does not actually shut down, but only sends a warning message to any user.

-R immediately restarts after shutdown.

-H: Do not restart after shutdown.

-F: The fsck is skipped During Quick shutdown.

-N: fast shutdown without passing through the init program.

-C. Cancel a running shutdown.

For example, Shutdown the system immediately: Shutdown-h now

Free command

View the memory usage of the current system,

Free [-B] [-k] [-m]

-B is displayed in bytes.

-K is displayed in K bytes.

-M is displayed in MB bytes.

Uptime

Shows how long the system has been running: current Time, system running time, current number of logged-on users, average load of the system in the past 1 minute, 5 minutes, and 15 minutes.

4.2 User-related commands

Passwd command

Configure and change the user password.

Passwd [user name]

Su

Make an ordinary user have the right to the ultimate user and leave the EXIT command available.

4.3 Other commands

Echo command

Displaying a piece of text on the monitor usually serves as a prompt.

Echo [-n] string

Cal command

Displays the calendar of a month of a year.

Cal [Option] [month [year]

Description:

-J indicates that each day of a given month is the sum of days of a year (from January 1, January 1 ).

-Y: displays the calendar of the entire year.

Date command

The date command displays and configures the system date and time.

4.4 disk management

Disk Space Management

Df command

Check the disk space occupied by the document system.

Df [Option]

-A: displays the disk usage of any document system, including the 0-block document system, such as the/proc document system.

-K is displayed in K bytes.

-I: displays the I node information instead of the disk block.

-T shows the disk space usage of each specified type of document system.

-X lists Disk Quota usage (opposite to t) of a document system of a specified type ).

-T shows the document system type.

Du command

The original English meaning of du is disk usage, which means to display the usage of disk space. Does the function count the disk space occupied by directories (or documents? Gt;>? Br> du [Option] [Names…]

-S only gives the total number of data blocks that are also occupied by each Names parameter.

-A Recursively displays the total number of data blocks occupied by each document in the Child directory of the specified directory.

-B is in the byte column, and the disk quota is used (by default, it is in the unit of K bytes)

-K is also the disk space usage in 1024 bytes.

-C: Add a total (system default)

-L calculate the size of any document. For hard-link documents, the calculation is performed multiple times.

-The directories skipped on different document systems are not counted.

Dd command

Copy the specified input document to the specified output document and convert the format during the copy process. Syntax:

--------------------------------------------------------------

Dd> [Options]

If = enter the document (or device name ).

Of = output document (or device name ).

Ibs = bytes: the number of bytes read from the buffer zone.

Skip = blocks skip the ibs * blocks block at the beginning of the read buffer.

Obs = bytes: the number of bytes written into the buffer zone.

Bs = bytes configure the number of bytes in the read/write buffer at the same time (equal to configuring obs and obs ).

Cbs = bytes: converts bytes at a time.

Count = blocks only copies the input blocks block.

Conv = ASCII converts an EBCDIC code to an ASCII code.

Conv = ebcdic converts ASCII code to EBCDIC code.

Conv = IBM converts ASCII code to alternate EBCDIC code.

Conv = blick converts a variable bit to a fixed character.

Conv = ublock converts a fixed user to a variable bit

Conv = ucase converts lowercase letters to uppercase letters.

Conv = lcase converts uppercase letters to lowercase letters.

Conv = notrunc: the output document is not truncated.

Conv = swab exchange each pair of input bytes.

Conv = do not stop processing when noerror occurs.

Conv = sync adjusts the size of each input record to the ibs size (filled with ibs ).

Fdformat command

Low-level formatting floppy disk.

Format [-n] device

-N is not verified after formatting.

4.5 common network commands

FTP command

Telnet command.

Netstat command

-A displays any scoket, including being monitored and.

-C is re-displayed every one second until the user disconnects him.

-I: displays information of any network interface, in the same format as "ifconfig-e"

-N is replaced by the network IP address to display the network connection status.

-R displays the core route table in the same format as "route-e :.

-T shows the TCP connection status.

-U: displays the connections of the UDP protocol.

-V: displays ongoing work.

Nslookup command.

The finger command is used to query user information.

Ping Command.

(You can use TurboUserCfg or XturboUserCfg to manage users and groups .)

4.6 process-related commands.

Process and start

At [-V] [-q] [-f document name] [-mldbv] Time

At-c job [job...]

The process system started by the AT command is only executed once.

Batch [-V] [-q queue] [-f document name] [-mv] [time]

Run the command when the system load is small and the resources are idle.

Cron command

Execute commands at intervals.

Crontab command

Used to install, delete, or list tables used to drive cron background processes.

Process view

Who command.

W command

Is a more powerful command than the who command

W-[husfV] [user]

-H does not display the title.

-U ignores the user name when listing the current process and CPU time.

-S uses the short mode. The logon time JCPU and PCPU are not displayed.

-F indicates the FROM entry, that is, the remote host name.

-V displays the version information.

Only the specified user is displayed.

Ps command.

-E displays any process.

-F full format

-H does not display the title.

-L long format.

-W width output.

A displays any processes on the terminal, including those of other users.

R only displays running processes.

X shows the process without any control terminal.

Top Command

Displays the current process and other status of the system dynamically.

5. Start the system.

5.1 Initial Startup

When a PC is started, the BIOS reads the "Master Boot Record" (MBR) from the specified boot device ). The MBR format is:

Address offset content size

+ 00 h executable code (startup module) may change

+ 1BE h first Partition Table Item 16 bytes

+ 1CE h second partition table Item 16 bytes

+ 1DE h third partition table Item 16 bytes

+ 1EE h fourth Partition Table Item 16 bytes

+ 1FE h executable mark (AA55 h) 2 bytes

The startup module contains code that is sufficient to mount the operating system, or the location where the code is loaded in step 2. The startup module needs to use BIOS calls to load data from the disk, and these interrupt calls, such as INT 13 h

The maximum number of disk cylinders is 1023. This means that all the content to be loaded by the startup module, such as the initial memory disk, kernel, and startup time information, must be stored within 1024 cylinders.

In MBR, there are only four Partition Table items. The format of each table item is as follows:

Address offset content size

+ 00 h partition status: 00 indicates that the partition is not started, and 80 h indicates that the start partition is 1 byte.

+ 01 h partition start position Head 1 byte

+ 02 h the start position of the partition. The cylindrical and sector are 1 byte.

+ 04 h partition type 1 byte

+ 05 h partition end position Head 1 byte

+ 06 h partition end position 1 byte of the cylindrical and sector

+ 08 h the number of sectors in the primary boot area and the first sector of the primary partition is 4 bytes.

+ The number of sectors in the 0Ch partition is 4 bytes.

5.2 Linux Startup Process

1. startup command line parameters

When Linux is started, it processes any command line parameters that are passed to it. This can affect the running mode of Linux. Command line parameters include:

Mem = xxxM: How much memory can be used in Linux? Gt;> do you have any questions? 4 MB memory is required. Because the previous motherboard only cached the first 64 MB memory, using more than 64 MB memory will degrade the performance of the entire computer, and any memory will run at no cache speed.

Single: enables Linux to be started as a single user. The default mode is multi-user.

Root =/dev/xxx: Specify the device for Linux to be installed as the root document system.

Init =: Specifies the document used as the initialization process.

Initrd =: Specifies the device used as the initial memory disk.

Ro: specifies that the root document system is read-only.

Rw: specifies that the root document system is readable and writable.

2 Init process

After the kernel initializes itself and finds the hardware device, start the process init (/sbin/init) in the background and run the init process no. 1.

There are many versions of the Startup Process in the UNIX world, some of which are based on system V and some are based on BSD. In most Linux versions, the implementation method of system V is described here.

Init is controlled by the content and functions of the document/etc/inittab. It varies with the startup mode of a single user or multiple users.

Single-user mode: The init process ignores the/etc/inittab document and calls/dev/console after executing a few script programs.

Shell. In this way, you can have a shell and execute a certain number of tasks.

Multi-user mode: The init process brings the system to the running level specified in the/etc/inittab document. Init enters a specified level through the standard Linux method.

3. Implementation level

Linux is the same as other UNIX operating systems and can be at any running level at any time. These running levels provide different functions, mainly because of the different running service equations (background daemon. Linux has six running levels.

0: shut down the computer or stop the computer. At this level, the system stops running.

1: at the single-user startup level, the system has only one user, namely root, who logs on to the console.

2: multi-user running level, but no network function. At this running level, the network function is not started, but the system allows multiple users to log on, can be through the virtual console or serial line.

3: multi-user mode with network functions. At this running level, any standard network service is started.

4: it is not implemented now.

5: X11 running level. At this running level, X server software runs and the image interface logon mode is provided.

6. restart the system.

Query the current running level: runlevel;

4. scripts run during startup

When the init process is running, it is responsible for viewing the default running level and entering the running level. This is implemented by running the script program under the/etc/rc. d/rcX. d directory. X indicates the running level, that is, a running level corresponds to a directory. Documents starting with different letters have different functions. Where:

A script program starting with K is executed when the system leaves a running level and its function is to stop a certain service. When the system changes from a support level to another level, you must first run any K programs corresponding to the original running level.

A script program starting with S is executed when the system enters a certain running level. Its function is to start a certain service. When the system changes to a running level, it needs to run any S program corresponding to the new running level.

5. Add a STARTUP script.

You may have some specific hardware devices to initialize, or you may need to initialize some other applications at system startup. You can add your own initialization scripts to complete these tasks. The general steps are as follows:

Copy an existing script to obtain a common framework format.

Modify this script to meet your needs. Make sure that the program can process the startup and shutdown parameters, even if it is possible to close and process nothing.

Copy this part to the/etc/rc. d/init. d directory and name it "serv ".

Follow these steps to create a running control link in the corresponding directory:

Ln-s ../init. d/serv/etc/rc. d/rc3.d/s99 serv

Test.

6. LILO and other startup modules

To start Linux, the startup module is required. The Linux boot module is LILO, and LILO uses its own primary boot area to replace the general primary boot area. LILO can be configured by modifying the content of the/etc/lilo. conf file. The lilo command is used to update the content of the boot area.

The following is also an example with DOS, TurboLinux3.4.0 and RedHat

5.2 lilo. conf file for the computer of the system. In this example, the number is added by the user and explained in detail.

[Root @ fred/root] # more/etc/lilo. conf

Boot = dev/had

Map =/boot/map

Instll/boot. B

Prompt

Indicates that the boot disk is/dev/had, which is the master IDE hard disk.

Timeout = 50

The waiting time is 50 seconds.

Default = TL3.4

Other = dev/hda1

If no input is made in the preceding time, the default startup system is TL3.4, that is, TurboLinux 3.4.0.

Label = dos

Table = dev/had

If LILO prompts the user to enter the boot system, the user presses the key and the system displays the label content for the user to choose from.

Image =/mnt/tl3.4/boot/vmlinuz

Label = TL3.4

Root =/dev/hda3

Read-only

The boot document of TurboLinux,/mnt/tl3.4/boot/vmlinuz, is determined. The root document system is in/dev/hda3, and the root document system is read-only.

Image =/mnt/rh5.2/boot/vmlinuz-2.0.36-0.7

Label = RH5.2

Root =/dev/hda4

Read-only

RedHat startup documentation,/mnt/rh5.2/boot/vmlinuz-2.0, 36-0.7 identified, root document system in/dev/hda4, root document system readable and writable.

6. Create a LINUX boot disk

6.1 create boot disks in MS Windows 9x/2000

You can create boot disks in MS Windows 9x/2000 as follows:

Assuming that the current CD-ROM drive is D: first place the Red Hat cd-rom disk in the drive and run the following command in the MS-DOS shell window:

D:/dosutils/rawrite

2. The rawrite utility immediately displays the following prompt information:

Enter disk image source file name:

Please insert a formmated diskette into drive A: and pressthe enter key

3. Enter images \ boot. img as the image source document. Now rawirte immediately displays the following prompt:

Enter target diskette drive:

4. Enter the appropriate drive name

5. Insert the formatted empty disk into the drive, and press enter to continue.

6. The rawrite utility will image boot. img to the disk and complete the operation;

6.2 create a boot disk in LINUX

Steps:

REDHAT is installed according to general requirements.

CD-ROM disk, which is assumed to have mounted the system under the/mnt/cdrom directory. Now you should change the current directory to/mnt/cdrom/images to store the boot image document;

Assume that the disk is/dev/fd0 and the disk is a 1.44 M floppy disk. Run the following command:

Dd if = boot. img of =/dev/fd0 bs = 1440 k

In this way, the required boot disk is created. You can also create a secondary image floppy disk by converting if = boot. img in the above command into the if = supp. img statement.