Close this search box.
Close this search box.

Linux Essentials, Part 2: Mastering Search Commands

Gaining expertise in the Linux command line interface (CLI) is often the biggest challenge for those aiming to excel in white hat hacking. This series is tailored for those who aspire to become pentesters or ethical hackers but lack fundamental CLI Linux skills.

In this installment, we focus on efficiently locating files, binaries, directories, and configuration files in Linux. Understanding a few essential commands can significantly ease the learning curve and make the Linux command line more user-friendly.

Exploring Linux Search Commands

locate One of the simplest methods to find items in your file system is the locate command. When you use locate followed by a keyword, it searches your file system for every occurrence of that word. However, locate might not show recently created files immediately, as it relies on a database updated daily.

whereis If you’re specifically searching for a binary (analogous to an executable in Windows), the whereis command is ideal. This command not only locates the binary but also its associated manual pages.

which For a more focused search, which locates binaries that are included in the Linux PATH variable. This command is particularly useful for quickly finding executable files.

find The find command is the most versatile and powerful of all search utilities in Linux. It allows searches based on various parameters like file name, creation date, owner, permissions, and size.

Basic syntax: find [directory] [options] [expression]

Example: To search the entire file system for a file named apache2: kali > find / -type f -name apache2

In this command:

‘/’ represents the starting directory for the search.
‘-type’ specifies the type of file; here, ‘-f’ indicates a regular file.
‘-name’ directs the search to look for files named ‘apache2’.

To narrow down the search to the /etc directory: kali > find /etc -type f -name apache2

In this example, we’ve utilized the sudo command. This command enables you to execute programs with the security privileges of another user, typically the superuser, granting enhanced access for specific tasks.

For a wildcard search in /etc for files starting with apache2: kali > find /etc -type f -name apache2.*

grep When looking for specific keywords within command outputs, grep is exceptionally handy. It filters and displays only lines matching the specified keyword. In Linux, we often use grep in conjunction with piping (|) to direct the output of one command into another.

Example: To find whether the apache2 service is running: kali > ps aux | grep apache2

This combination filters out all irrelevant details, displaying only those related to apache2, making the search much more efficient.

Stay tuned for more insights as we continue to build a solid foundation in Linux, essential for anyone aspiring to be a professional white hat hacker!

Leave a Reply

Your email address will not be published. Required fields are marked *