Yes! Now it's time to have some fun with Linux.
Today we're going to introduce to the world's most popular penetration testing and ethical hacking Linux distribution: Kali Linux. (pronounced "CAL - LEE")
Kali is the standard beloved by both white-hat hackers and evil attackers alike. It offers a complete suite of attack tools that a competent hacker can use to attack and compromise systems and networks.
Today we're going to start things off with a basic introduction to the Linux terminal. You'll learn:
Are you ready to jump in? Let's do this baby!
Every cybersecurity professional needs to know how to navigate around the operating system from the command line. So today we're going to start things off with the bare basics: launching the Linux terminal.
We'll be using Kali Linux in this training lesson but the material you learn today can be applied to almost any version of Linux... so don't panic.
Alright, so the fastest way to launch the terminal is to simply right-click the Desktop and choose:
Now they we're in the terminal we need to find our way around. Once of your favorite command will quickly become print working directory "pwd".
Here, you can see I'm standing in a directory named "/root"
This is a quick way to find out where you are standing in the mysterious world of Linux. You can then type cd and a folder name to move to different folders (it works the same way as Windows)
Then to view the files and folders in the directory we can list them with "ls":
Remember this: ls is the Linux equivalent of dir
Alright, so now we know a little bit about the command line but there's one really important fact you need to know:
Linux commands are case-sensitive.
This means, typing "pwd" is different than "PWD".
In other words, in Linux case matters. Typing the word in uppercase is completely different than typing that same word in lowercase.
The other thing you should keep in mind is that you can easily find out how to use almost any Linux command by tacking on a -h or --help.
For example, let's say you wanted to use macchanger to change the layer 2 MAC address of your NIC. If you type the command macchanger by itself it gives you a clue what to do.
Ah, so now we see that adding --help should get us going.
So to change our MAC address all we need to do is to examine the command line syntax:
macchanger [options] device
Notice the options that begin with the -m. It's telling us if we type:
macchanger with the "-m" (say, "tack 'm') or if we type:
tack tack mac equals option then we can enter the MAC in the following format: XX:XX:XX:XX:XX:XX. We just need to replace each "X" with the hexadecimal character of our choosing.
I hope this is making sense.
So let's see what MAC addresses are available for us. We could pick anything or we could try to impersonate a known vendor. The help file tells us the "-l" option lists known vendors. Let's see what this tells us:
Okay there's a lot here.
Instead of scrolling through that voluminous list looking for a MAC address to yank, let's use our command line skills to filter through the output.
Notice, when we typed macchanger --help the help file said we could type:
So let's see if we can find all the Apple vendor ID's:
w00t - look at that - so now we are one step closer to spoofing our MAC address. Let's see if we can become that Apple Wireless Airport card.
Now let's see if we actually updated our MAC with ifconfig:
Nope - hmm, so we tried to change our MAC to 00:30:65:00:00:01, the first six characters denoting the vendor ID, but when we ran ifconfig it still shows our real MAC: 00:0c:29:79:4f:b5
It looks like it didn't work.
Let's go back to the command line syntax to see if we can figure out what we did wrong. When we type:
The syntax says we should type:
Usage: macchanger [options] device
So that's the problem we didn't enter the device.
Well, what's the device? It's the name of the interface, the network interface card, that you want macchanger to affect. So let's put in eth0, which is the name of our main NIC.
macchanger --mac=00:30:65:00:00:01 eth0
BAM! Now when we type ifconfig we can see it worked.
So now all packets sent from our computer on the network will appear to originate from an Apple wireless access point. We've effectively masked our source MAC address using macchanger.
Do you see how this stuff works? You don't need Google or anything like that to learn and use Linux. You just need to know how to use the help system.
Alright so that's all you need to know today. Next Monday we're going to dig into:
Get ready because it's going to be a jam packed lecture. These are all the commands you need to pass the SY0-501 exam. Also, if you want to go deeper in your studies consider signing up for our Security+ training course. It's a hands on course with in-depth videos showing you network fundamentals you'll need to pass the exam.
In the meantime, here's a video walk-through of this entire lecture!
If you have any questions leave a comment! Thanks.
Join our FREE mailing list to get FREE Security+ training online. You'll get tons of Security+ videos, braindump PDFs, lab simulations and more.
Pop in your first name and best email address and we'll send you:
The latest updates on the CompTIA Security+ SY0-501 exam
Proven tips and tricks for passing the exam
Hands on video labs with complete step-by-step walk-throughs
And don't forget to refresh your inbox. You should see us there in about 3 minutes.