Bash的基础知识man手册基于Android设备的Kali Linux渗透测试教程大学霸

Bash的基础知识man手册基于Android设备的Kali Linux渗透测试教程大学霸

Kali Linux安全渗透教程新手版

Kali Linux安全渗透教程新手版

第2章  Bash的基础知识

由于基于Android类设备的渗透测试都是通过各类终端实现。所以掌握Shell相关操作就显得尤为重要。Bash是一个为GNU计划编写的Unix Shell。它是许多Linux平台内定Shell,还有许多传统UNIX上用的Shell,如tcsh、csh、ash、bsh、ksh等。Bash是大多数Linux系统上默认的Shell,本章将介绍Bash的基础知识。

2.1  man手册Bash的基础知识man手册基于Android设备的Kali Linux渗透测试教程大学霸

Linux man中的man就是manual的缩写,中文说法是手册。在Linux中,man手册就是用来查看系统中自带的各种参考手册。通过查看man手册,可以从中获取到各种命令、文件、库函数等帮助信息。本节将介绍从man手册。

使用man文件是很容易的,这里首先介绍下它的语法格式及相关参数。man命令的语法格式如下所示:

man [SECTION NUMBER] MAN PAGE NAME

以上命令中,两个选项的含义如下所示:

q  SECTION NUMBER:表示man手册页的章节号。

q  MAN PAGE NAME:表示man手册名称,通常是命令、系统或库本身的名称。例如,如果查找man命令的手册页,执行命令如下所示:

man 1 man

在以上命令中,1表示告诉man命令为第1节,而man参数后面的命令就man手册页的名称。

Man手册页章节号是根据它们自己的规范定义的,主要分为几个部分。如下所示:

q  1:普通命令用这个段查找使用在命令行的命令信息。在上面这个命令中,使用它来查找关于man文件的信息。

q  2:系统调用:即由内核提供的函数。

q  3:C库函数。对于C语言开发,该文档是非常有用的,并且开发者使用开发语言作为C延伸工具,如Python。它将显示参数相关的信息,头文件的定义、行为和基本C库函数调用的目的。

q  4:特殊文件,也就是各种设备文件。这些文件通常保存在/dev/目录中,如字符设备、伪终端等。

q  5:文件格式和转化。该文档包含了Linux系统中文件的格式。如密码文件passwd,该手册页将会说明这个文件中各个字段的含义。

q  6:游戏和屏幕保护。该文档中包含关于游戏和屏幕保护程序信息。

q  7:杂集。该文档中包括各种命令信息和其它信息。

q  8:系统管理员命令和守护进程。该文档中命令和系统守护进程只能由管理员使用。

man手册的页面布局是标准化的,包含一个特定部分的集合。man手册页的每个部分都包含了描述、系统调用或库函数。下面分别介绍一下在man文件中目的相同的部分,如下所示:

q  Name:表示命令、函数、系统调用或文件格式的名称。

q  Synopsis:表示命令、函数、系统调用、文件格式等语法格式。

q  Description:对命令功能的描述

q  Examples:表示对命令如何使用给出的例子。

q  See also:表示参考文档、Web页面及与该程序有关的其它程序。

为了验证man手册的语法格式及内容格式等,下面举几个例子作为验证。

【实例2-1】查看本机伪终端的man手册页。执行命令如下所示:

android@localhost:~$ man 4 pts

执行以上命令后,将显示如下所示的信息:

PTS(4)                     Linux Programmer’s Manual                    PTS(4)

NAME

ptmx, pts – pseudoterminal master and slave

DESCRIPTION

The  file  /dev/ptmx  is a character file with major number 5 and minor

number 2, usually of mode 0666 and owner.group  of  root.root.   It  is

used to create a pseudoterminal master and slave pair.

When  a  process opens /dev/ptmx, it gets a file descriptor for a pseu‐

doterminal master (PTM), and a pseudoterminal  slave  (PTS)  device  is

created  in  the  /dev/pts directory.  Each file descriptor obtained by

opening /dev/ptmx is an independent PTM with its  own  associated  PTS,

whose path can be found by passing the descriptor to ptsname(3).

Before  opening  the  pseudoterminal  slave, you must pass the master’s

file descriptor to grantpt(3) and unlockpt(3).

Once both the pseudoterminal master and slave are open, the slave  pro‐

vides  processes  with an interface that is identical to that of a real

terminal.

……

FILES

/dev/ptmx, /dev/pts/*

NOTES

The Linux support for the above (known as UNIX 98  pseudoterminal  nam‐

ing)  is  done  using the devpts file system, that should be mounted on

/dev/pts.

Before  this  UNIX  98  scheme,  master  pseudoterminals  were   called

/dev/ptyp0,  …   and  slave  pseudoterminals /dev/ttyp0, …  and one

needed lots of preallocated device nodes.

SEE ALSO

getpt(3), grantpt(3), ptsname(3), unlockpt(3), pty(7)

COLOPHON

This page is part of release 3.44 of the Linux  man-pages  project.   A

description  of  the project, and information about reporting bugs, can

be found at http://www.kernel.org/doc/man-pages/.

从以上输出的信息中,可以看到该手册页共有七部分,如主题、文件名称、文件保存位置、参考资料等。在输出信息的左上角可以看到显示了PTS(4)。其中,PTS表示手册名称,(4)表示手册位于第四章节。最后,按下q键退出man手册页。

【实例2-2】查看passwd文件的man手册页。执行命令如下所示:

android@localhost:~$ man 5 passwd

执行以上命令后,将输出如下所示的信息:

PASSWD(5)                File Formats and Conversions                PASSWD(5)

NAME

passwd – the password file

DESCRIPTION

/etc/passwd contains one line for each user account, with seven fields

delimited by colons (“:”). These fields are:

·   login name

·   optional encrypted password

·   numerical user ID

·   numerical group ID

·   user name or comment field

·   user home directory

·   optional user command interpreter

The encrypted password field may be blank, in which case no password is

required to authenticate as the specified login name. However, some

applications which read the /etc/passwd file may decide not to permit

any access at all if the password field is blank. If the password field

is a lower-case “x”, then the encrypted password is actually stored in

the shadow(5) file instead; there must be a corresponding line in the

/etc/shadow file, or else the user account is invalid. If the password

field is any other string, then it will be treated as an encrypted

password, as specified by crypt(3).

The comment field is used by various system utilities, such as

finger(1).

The home directory field provides the name of the initial working

directory. The login program uses this information to set the value of

the $HOME environmental variable.

The command interpreter field provides the name of the user’s command

language interpreter, or the name of the initial program to execute.

The login program uses this information to set the value of the $SHELL

environmental variable. If this field is empty, it defaults to the

value /bin/sh.

FILES

/etc/passwd

User account information.

/etc/shadow

optional encrypted password file

/etc/passwd-

Backup file for /etc/passwd.

Note that this file is used by the tools of the shadow toolsuite,

but not by all user and password management tools.

SEE ALSO

crypt(3), getent(1), getpwnam(3), login(1), passwd(1), pwck(8),

pwconv(8), pwunconv(8), shadow(5), su(1), sulogin(8).

shadow-utils 4.1.5.1              05/25/2012                         PASSWD(5)

从以上输出信息中,可以看到passwd文件中共有七个字段,并且每个字段使用“冒号:”分割。具体每个字段的作用,在该文档中都有详细介绍。在Linux系统中也有passwd命令,如果查看该命令的帮助信息,执行命令如下所示:

android@localhost:~$ man 1 passwd

输出信息如下所示:

PASSWD(1)                        User Commands                       PASSWD(1)

NAME

passwd – change user password

SYNOPSIS

passwd [options] [LOGIN]

DESCRIPTION

The passwd command changes passwords for user accounts. A normal user

may only change the password for his/her own account, while the

superuser may change the password for any account.  passwd also changes

the account or associated password validity period.

……

OPTIONS

The options which apply to the passwd command are:

-a, –all

This option can be used only with -S and causes show status for all

users.

-d, –delete

Delete a user’s password (make it empty). This is a quick way to

disable a password for an account. It will set the named account

passwordless.

-e, –expire

Immediately expire an account’s password. This in effect can force

a user to change his/her password at the user’s next login.

-h, –help

Display help message and exit.

-i, –inactive INACTIVE

This option is used to disable an account after the password has

been expired for a number of days. After a user account has had an

expired password for INACTIVE days, the user may no longer sign on

to the account.

……

CAVEATS

Password complexity checking may vary from site to site. The user is

urged to select a password as complex as he or she feels comfortable

with.

Users may not be able to change their password on a system if NIS is

enabled and they are not logged into the NIS server.

passwd uses PAM to authenticate users and to change their passwords.

FILES

/etc/passwd

User account information.

/etc/shadow

Secure user account information.

/etc/pam.d/passwd

PAM configuration for passwd.

EXIT VALUES

The passwd command exits with the following values:

0

success

1

permission denied

2

invalid combination of options

3

unexpected failure, nothing done

4

unexpected failure, passwd file missing

5

passwd file busy, try again

6

invalid argument to option

SEE ALSO

chpasswd(8), passwd(5), shadow(5), usermod(8).

shadow-utils 4.1.5.1              05/25/2012                         PASSWD(1)

在以上输出信息中,显示了passwd命令的语法格式、选项、描述等信息。从以上的输出信息中,可以发现使用的章节编号不同,显示的帮助文档内容也不同。在以上命令中,也可以不输入章节号1的。因为,man命令默认是从数字较小的手册中寻找相关命令和函数。

注意:man命令是按照手册的章节号顺序进行搜索的。例如查看sleep命令的手册,执行man sleep命令。如果想要查看库函数sleep,则需要执行man 3 sleep命令。这里的章节号,就必须输入Bash的基础知识man手册基于Android设备的Kali Linux渗透测试教程大学霸。

Comments are closed.