🏷️ Table of Contents

Terminal Text Editors
1.1 Nano
1.2 VIM
General/Useful Utilities
2.1 Downloading Files with Wget
2.2 Transferring Files From Your Host: SCP using SSH
2.3 Serving Files From Your Host - WEB
Processes 101
3.1 Managing Processes
3.2 How do Processes Start?
3.3 Getting Processes/Services to Start on Boot
3.4 An Introduction to Backgrounding and Foregrounding in Linux
3.5 Foregrounding a process
Maintaining Your System: Automation
Maintaining Your System: Package Management
5.1 Introducing Packages and Software Repos
5.2 Managing Your Repositories - Adding and Removing
Maintaining Your System: Logs

Terminal Text Editors

Instead of using echo and > to write files, Linux offers terminal text editors that make editing multi-line files much easier.

Nano

Beginner-Friendly
to open or create a file use nano file_name

Navigate with arrow keys and add new lines with Enter.

Common shortcuts (press Ctrl + key):

^X - Exit
^O - Save (Write Out)
^K - Cut text
^U - Paste text
^W - Search

You can type multiple lines of text, search, copy/paste, or jump to specific lines easily.

Nano has a few features that are easy to remember & covers the most general things you would want out of a text editor, including:

Searching for text
Copying and Pasting
Jumping to a line number
Finding out what line number you are on

To exit press ctrl and X.

VIM

Powerful but with a steeper learning curve. Benefits:

Customizable keyboard shortcuts.
Syntax highlighting (great for coding).
Available on almost all Linux terminals.
Useful for software development or managing complex files.

❓Edit "task3" located in "tryhacke"'s home directory using Nano. What is the flag?
THM{****_*******}

General/Useful Utilities

Linux has some essential tools to download, transfer, and serve files.

Downloading Files with Wget

fundamental feature of computing is the ability to transfer files.
wgetallows us to download files from the web via HTTP (as if you were accessing the file in your browser).
example: wget https://assets.tryhackme.com/additional/linux-fundamentals/part3/myfile.txt

Transferring Files From Your Host: SCP using SSH

SCP = Secure Copy using SSH (encrypted transfer).
it allows you to transfer files between two computers using the SSH protocol to provide both authentication and encryption.
example of copying from local to remote: scp localfile username@remoteIP:/remote/path/filename
- Variable: The IP address of the remote system: 192.168.1.30
- Variable: User on the remote system: ubuntu
- Variable: Name of the file on the local system: important.txt
- Variable: Name that we wish to store the file as on the remote system: transferred.txt
example of copying from remote to local: scp username@remoteIP:/remote/path/filename localfile

Serving Files From Your Host - WEB

Ubuntu machines come pre-packaged with python3. Python helpfully provides a lightweight and easy-to-use module called “HTTPServer”. This module turns your computer into a quick and easy web server that you can use to serve your own files, where they can then be downloaded by another computing using commands such as curl and wget.

Python3’s “HTTPServer” will serve the files in the directory where you run the command, but this can be changed by providing options that can be found within the manual pages. Simply, all we need to do is run python3 -m http.server in the terminal to start the module! In the snippet below, we are serving from a directory called “webserver”, which has a single named “file”.

Use wget to download the fine using the MACHINE_IP and the name of the file. Remember, because the python3 server is running port 8000, you will need to specify this within your wget command: wget http://MACHINE_IP:8000/myfile

Now open a new terminal to use wgetand leave that one you have started the Python3 web server it. Once you start the Python3 web server, it will run in that terminal until you cancel it.

Example:

❓Download the file http://MACHINE_IP:8000/.flag.txt onto the TryHackMe AttackBox. Remember, you will need to do this in a new terminal. What are the contents?
THM{W***_W********}

Processes 101

A process is simply a program that is currently running on your system.

Each process is managed by the Linux kernel.
Every process has a PID (Process ID).
PIDs increase as new processes start.
e.g. the 60th process started would have PID 60

Viewing Processes

Command ps shows running processes in your current session. Information shown may include PID, CPU usage, status, command being run.

Command ps aux shows all processes on the system, including processes from other users or system processes.

Note we can see a total of 5 processes – note how we now have “root” and “cmnatic”

Command top shows real-time process information. It shopws live CPU usage, memory usage or updating process list.

Managing Processes

To stop process use kill command, e.g. kill PID –> kill 1337

Some of the signals that we can send to a process when it is killed:

Signal	Purpose
SIGTERM	Stop process safely (allows cleanup)
SIGKILL	Force kill immediately
SIGSTOP	Pause/suspend process

How do Processes Start?

Linux ses namespaces to organize system resources.

Think of namespaces like slices of a cake where each slice gets CPU, RAM, and resources. Processes are isolated from others.

The First Process when Linux boots has an ID of 0. This process is the system’s init on Ubuntu (e.g. systemd) which manages system services and processes.

Programs you start become child processes of systemd. This means that it is controlled by systemd, but will run as its own process (although sharing the resources from systemd) to make it easier for us to identify and the likes.

Getting Processes/Services to Start on Boot

Many services (like web servers or databases) start automatically when the system boots. Linux manages these with systemctl. Syntax: systemctl [option] [service]

Examples:

to start a service: systemctl start apache2
to stop a service: systemctl stop apache2

Common options:

Command	Purpose
start	Start service
stop	Stop service
enable	Start on system boot
disable	Prevent starting on boot
status	Check service status

An Introduction to Backgrounding and Foregrounding in Linux

Processes can run in two modes: foreground and background. Foreground runs directly in your terminal - You must wait for it to finish before running another command. Background runs without blocking your terminal. Add & to run a command in background: command & e.g.: echo "Hi THM" & insteadd of output them, you’ll see the process ID.

This script will keep on repeating “This will keep on looping until I stop!” until I stop or suspend the process. By using Ctrl + Z (as indicated by T^Z). Now our terminal is no longer filled up with messages – until we foreground it.

Foregrounding a process

Now that we have a process running in the background, for example, our script “background.sh” which can be confirmed by using the ps aux command, we can back-pedal and bring this process back to the foreground to interact with.

With our process backgrounded using either Ctrl + Z or the & operator, we can use fg to bring this back to focus.

❓If we were to launch a process where the previous ID was "300", what would the ID of this new process be?
301

❓If we wanted to cleanly kill a process, what signal would we send it?
SIGTERM

❓Locate the process that is running on the deployed instance (MACHINE_IP). What flag is given?
THM{*********}

❓What command would we use to stop the service "myservice"?
systemctl stop myservice

❓What comman would we use to start the same service on the boot=up of the system?
systemctl enable myservice

❓What command would we use to bring a previously backgrounded process back to the foreground
fg

Maintaining Your System: Automation

Sometimes you want tasks to run automatically on your system.
Examples: Running scripts, backing up files, starting applications, performing maintenance tasks, … Linux can automate these tasks using cron jobs.

Cron is a background service that runs scheduled tasks automatically. It starts when the system boots and keeps running in the background. These scheduled tasks are called cron jobs.

crontab is the tool used to create and manage cron jobs. It allows users to schedule commands or scripts to run at specific times or intervals. Example tasks you might automate: Daily backups, system updates, running scripts every hour, cleaning temporary files

[!NOTE] Cron is the service that runs scheduled tasks
Crontab is the tool used to configure those tasks

A crontab is simply a special file with formatting that is recognised by the cron process to execute each line step-by-step. Crontabs require 6 specific values:

.	Value	Description
1.	MIN	What minute to execute at
2.	HOUR	What hour to execute at
3.	DOM	What day of the month to execute at
4.	MON	What month of the year to execute at
5.	DOW	What day of the week to execute at
6.	CMD	The actual command that will be executed

example:”To backup “cmnatic”’s Documents every 12 hours use: 0 */12 * * * cp -R /home/cmnatic/Documents /var/backups/

Crontabs support a wildcard symbol (*). The * means “any value” for that time field. This is useful when you don’t care about a specific time unit, but still want the task to run regularly.

Example idea: Run a task every 12 hours where you don’t care about the exact day, month, or year, hence use * for those fields (0 */12 * * * command).

To edit crontab use crontab -e, then select an editor to edit your crontab.

cron3

For more info check Crontab Generator and crontab guru

❓When will the crontab on the deployed instanece (MACHINE_IP) run?
@reboot

Maintaining Your System: Package Management

Introducing Packages and Software Repos

In Linux, software is usually installed as packages.

Developers can submit their software to APT repositories (software libraries).
If approved, the program becomes available for users to install easily.

This system highlights two important Linux principles: Accessibility – software is easy to install and manage and Open source – many tools are developed and shared by the community.

apt2

Additional repositories can be added by using the add-apt-repositorycommand or by listing another provider.

Managing Your Repositories - Adding and Removing

Linux uses APT (Advanced Package Tool) to install, update, and remove software packages.

The apt command is part of the APT package management system, which helps you install software, update software, remove software, manage software repositories.

Sometimes software is not included in the default Ubuntu repositories. In that case, you can add a new repository manually by using add-apt-repository command. Whilst you can install software through the use of package installers such as dpkg, the benefits of apt means that whenever we update our system – the repository that contains the pieces of software that we add also gets checked for updates.

Exercise:

Download the GPG key and use apt-key to trust it: wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add -
Now that the key was added to our trusted list, we can now add Sublime Text 3’s repository to our apt sources list. A good practice is to have a separate file for every different community/3rd party repository that we add.
Create a file named sublime-text.list in /etc/apt/sources.list.d and enter the repository information:
use Nano or other text editor to add and save the Sublime Text 3 repo into this newly created file:
Update apt to recogniye this new entry by using the apt update command.
Once successfully updated, install the software using apt install sublime-text

Removing packages is done by using the add-apt-repository --remove ppa:PPA_Name/ppa command or by manually deleting the file that we previously added to.
Once removed, we can just use apt remove [software-name-here] i.e. apt remove sublime-text

Maintaining Your System: Logs

Linux systems store log files to record activity from the operating system, applications, and services. Most log files are located in /var/log

Linux automatically manages many log files using a process called log rotation. Log rotation archives old logs, creates new log files and prevents logs from growing too large.

Some services create their own logs inside /var/log.

Apache2 Web Server: Records web traffic and server activity.
Fail2Ban: Monitors login attempts and blocks suspicious activity such as brute-force attacks.
UFW Firewall: Tracks firewall activity and blocked connections.

log1

Web servers commonly generate two important log types:

Log Type	Purpose
access.log	Records every request made to the web server
error.log	Stores server errors and issues

These logs help administrators diagnose performance problems, investigate security incidents or monitor website traffic.

log2

Some logs track system-level activity, including system events, service activity, user actions, login and authentication attempts.

These logs are essential for system monitoring and security investigations.

Look for the apache2 logs on the deployable Linux machine.

❓What is the IP address of the user who visited the site?
10.9.232.111

❓What file did they access?
catsanddogs.jpg

Linux Fundamentas Part 3

Power-up your Linux skills and get hands-on with some common utilities that you are likely to use day-to-day!