Welcome back, my aspiring hackers!
One of those areas of Linux that Windows users invariably struggle with is the concept of "mounting" devices and drives. In the Windows world, drives and devices are automatically "mounted" without any user effort or knowledge. Well, maybe a bit of knowledge. Most Windows users know to unmount their flash drive before removing it, but they usually think of it as "ejecting" it.
The mount command has a history back to the prehistoric days of computing (the 1970s) when computer operators physically mounted tape drives to the the behemoth, gymnasium-sized computers. These tape drives were the storage medium of choice (as hard drives had not been invented yet) and the operator had to tell the machine that they were mounting the tape before it could be read.
Windows generally auto-mounts drives and devices with the PnP service, so users don't need to think about mounting. Each drive or device then is assigned with a letter mount point such as C:, D:, E:, etc.
In more recent distributions of Linux, auto-mount is often enabled as well, but the true Linux admin needs to understand the mount command and the mounting process as they will someday need to mount a device or drive that does not auto-mount. This is true for the everyday ordinary sysadmin in Linux and especially true for the digital forensic investigator and hacker as many times the devices will not be automatically mounted.
Step 1: File Structure
Remember, Linux has a single tree structure for its file system (unlike Windows) with a root for every drive and device. This means that all drives and devices are part of a single filesystem tree with / at the top. Any other drives must be "mounted" to this tree. We can do this with the mount command.
When we mount a device, we mount it to a directory and it becomes part of the tree. We can mount a device to ANY directory, but when we do so, that directory that we mount our device to is "covered" and unavailable to us. This means we can't access any of the files in that directory. It goes without saying—I think—that's not good. That's why we have special, empty directories for mounting devices. These will vary by distribution of Linux, but generally they are /mnt and /media.
Step 2: Mount Command
Let's take a look at the mount command. Type in:
- mount -h
This brings up the help screen displayed below.
I have highlighted the crucial part regarding the syntax of the command. Basically, it is:
- mount -t filesystemtype location
This command will "mount" a filesystem of the type (-t) at the location specified. So, for instance, we could mount cdrom at the media directory by typing:
- mount -t /dev/cdrom /media
This will mount the cdrom device at the /media directory on the filesystem tree.
We also have numerous options we can use when mounting a device including:
- rw - mount read/write
- ro - mount read only
- user - permit any user to mount
- auto/noauto - file system will or will NOT automatically mount
- exec/noexec - permit or prevent the execution of binaries on the mounted device
As always, you can check the man page for mount to learn all the options:
- man mount
Step 3: Setting Up Automounting with Fstab
The fstab is the "File system table". It a system configuration file in Linux. The mount command reads the fstab to determine what options to use when mounting a filesystem. In this way, it defines the options automatically when we mount the device. It simply reads the entry in the fstab table for that device and applies those options defined there.
As we can see in the screenshot above, we have simply displayed the contents of fstab with the cat command.
- cat fstab
The fstab table is comprised of six (6) columns. These are:
- Device - the UUID
- Mount point - the directory where we want to attach the device
- Type - the filesystem type such ext2, ext3, swap, ISO9660, etc.
- Options - these rw (read/write), auto, nouser, async, suid, etc
- Dump - indicates how often to backup the device
- Pass - specifies the pass when fsck should check the filesystem
Step 4: Umount
When want to unmount a drive or device, the command we use is umount (that's right. I didn't spell it wrong. It is umount, not unmount).
To unmount our cdrom device that we mounted above, we type:
- umount /dev/cdrom
You can NOT unmount a drive or device that is currently being used by the system.
Keep coming back to Null Byte, my hacker apprentices, for more tutorials on hacking and the basics of Linux that you need to know to "Hack Like a Pro."
Just updated your iPhone? You'll find new emoji, enhanced security, podcast transcripts, Apple Cash virtual numbers, and other useful features. There are even new additions hidden within Safari. Find out what's new and changed on your iPhone with the iOS 17.4 update.
54 Comments
You say that devices need mounting as well but are often auto mounted by other operating systems. Do things like a wireless card need to be mounted and are just automatically mounted?
Eight:
Generally, wireless devices are auto mounted, if they are recognized. If not, they must be mounted. If you are using a VM, you must tell the VM to mount any usb device through the hypervisor.
OTW
sir thx for tutorial...............sir i did two practical sucessfully i.e. WEP & WPA2 -PSK (keys)..........sir how can i get complete control over me wifi ...sir plz refer me any tutorial for tht..................
Secret:
What do you mean by "get complete control over my wifi"?
OTW
means can i get access into my router..............can i change its admin password ... through my bt device..............can i change its user name and password ????
Secret:
You can do all those things by using an ethernet cable and connecting to the device. A GUI will pop up when you connect to the proper IP address (usually 192.168.1.101) and allow you control all those properties.
OTW
:) thnx sir....but i was just asking through wifi....thnx alot ur tutorial are quite beneficial.................lot of things are striking in my mind....i will needed ur help time to time........thxn again
If you're connected to the WiFi network you can access your router by opening any web browser and typing in the IP address; like the one OTW gave.
From there you need the username and password to login, but you should already have that information, right?
ghost_
not exactly 192.168.1.101 everytime. look through route or route -n. there should be a default or 0.0.0.0 to destination. That destination is your default gateway. Telnet or search that IP address in your browser and ur in.
This isn't really related, but has anyone tried creating a handler that communicates with a payload simply by pinging the compromised computer according to a predetermined pattern, and vice versa (probably very slow), or is this not possible?
master OTW this is indirectly related to the post above:
In order to gain a systematic ability to develop hack software, where do you see technical skills (with your 20 years experience in the groves of academia?):{In addition to adding to this list please also mention what level of detail in knowledge is required in these)
Absolute:
To answer your questions in order;
OTW
master OTW
i hv a question related to wifi again....how can i get access into a wifi....i always use to connect that wifi but whn i tried to browse internet it navigate me towards a page (cyberome) and required a user name and password for access........can i bypass that page.......sir plz plz refer me some tutorial
tnx
Secret:
This sounds like a proxy intercepting your request?
OTW
I think you mean "cyberoam"?
master
can i use tht wifi.....
yes master ...absolutely
Secret:
I'm sure you can, but I don't have a tutorial here on it. Have you tried googling it?
OTW
yes master i tried a lot......but it connect very easily but for any thing i hv to varify my user name and psswd for even browsing....sir plz help me
Did you check out this site ?
mster otw
no i didn't .............thnx a lot for refering me,,,,,,,,,,,:).................u are very helping .............as always............thnx again
hiii sir, i am very happy to be a follower of null-byte, God bless you sir.
sir, i have something am working on and i was so glad to see this thread.
my issue goes thus:
i have a dongle it has successfully mount to this tree directory "dev/sdc" i need a command that could help me mount the content of the dongle to a folder on my system, so that i can copy the content of the dongle.
i have tried this code "mount -t vfat -o uid=root,gid=users /dev/sdd /root/Desktop/dongle" tell it to mount it to a folder name dongle but didnt work i get error message complaining of the file system type.
sir, kindly pls help me sir.
Horls;
What is the file type of the dongle?
OTW
i dont no sir, but how can i find out sir?
Is this a flash drive on a windows system?
itz a dongle key for a windows software programme
Doesn't it automount?
It is probably a NTFS file format.
okay so what ammendment do you think this code need "mount -t vfat -o uid=root,gid=users /dev/sdc /root/Desktop/dongle" or what code do you think i should use? to give it another try.
Where did you get this original code?
There seem to numerous errors in it.
cant remember precisely where i saw it. kindly help me edit the code to what you think it should be
or enlighten me on the neccesary step i need to take to do it
Horls:
I'm not really sure what you are doing. Are you installing software or are you mounting a dongle?
OTW
i want to mount a dongle, i want to see the content of the dongle, the dongle is a key for a software without the dongle the software will work as trial.
N.B: software and dongle is working fine but i want to explore more by trying to see the content of the dongle on my KALI os. i.e: i want to mount it to a directory(folder)
The dongle will usually auto-mount.
It is already mounted, if the software is working.
yeah! but since its mounted alreading and i know the location where its mounted " dev/sdc" is there any way i can see the content?
You are sure it is mounted there?
If it is, simply navigate to that directory and ls
here is what i get when i try to go to that directory: bash: cd: sdc: Not a directory
and am sure its mounted in that directory
I'm assuming you typed cd /dev/sdc?
yes sir
Then, it is not mounted there.
here is the screen shot sir
Horls:
Looks like it IS mounted there.
That leaves a couple of possibilities. First, it was mounted without read permissions (very unlikely). Second, somehow you typed the command line commands incorrectly.
OTW
yes sir, the way i study it also, i notice its mounted there without read and write permission(for security reasons).
sir, i did not mout it manually neither have i input incorrect code to mount it.
so, sir is it possible to edit it to read and write?
Horls:
I'm sure there is a way, but without actually having access to it, I am only speculating.
OTW
okay sir, i understand.
THANK YOU SIR
How do I mount a USB Flash drive?
If you are using ubuntu, it will automount. Otherwise, mount it to the /media directory.
Nice tutorial, longest one i've had so far. Mostly because i looked into filesystems more and will continue too.
Thanks
And OTW you said in a recent post here to mount a flash drive to /media, is it okay to do it to /mnt? i see no reason not too. Just wodering! thanks
Yes, it is OK, Frosty.
It depends upon the Linux distribution. Some have /media and some do not. In either case, its OK to mount your flash drive to /mnt.
OTW
Master. command:cat fstab doesn't work...why?
"In more recent distributions of Linux, auto-mount is often enabled as well"
difficult to say if its a good or a bad thing for the linux culture!
tks for the effort!
Share Your Thoughts