Don't Be a Script-Kiddie part1: Introduction to Shell Script
Hello my anxious hackers, the week has started and here we begin a new series that I think will help many here and not only, for those that have the opportunity to follow our tutorials but they are not yet part of the community.
Don't be a script-kid? what do you mean?
In programming and hacking culture a script kiddie or skiddie1 (also known as skid is an unskilled individual who uses scripts or programs developed by others to attack computer systems and networks, and deface websites without knowing how the programs work, it has nothing to do with newbie or amateurs, skrip kids are just dumb and lazies, different from amateur and newbies they don't want to learn, they can spend months, and even years claiming that they are hackers without learning nothing, just by using others tools, without helping the community you can not consider your self a real hacker, so stop using tools without understanding what is going on behind it, plus most of the tools are open source, our kali linux as well, so start exploring what is inside it, change the code, innovate a tool, report a bug, write a tutorial, learn a programming or script language, do something useful.
Are you a newbie?
don't feel bad if you haven't done anything, if you are reading this means you want to learn and not wasting your time by using tools you don't understand, so i got your back now.
what we can expect from this serie?
1-understanding how some tools on kali linux work.
2-Be able to modify some tools inside kali linux.
3- write our own tool and share for everyone here on null-byte.
What are we going to learn today?
1-Basic understanding of shell,bash and terminal
2-Some useful commands for linux
3-writing our own shell script(bash)
4-executing our shell script
4-Understanding how Kali linux commands works
5-executing our script without "./"
6-Leave yours comments
Im really sorry but i wanna be more practical in this lesson
so here we got some quick notes about them.
shell - shell is a user interface for access to an operating system's services. In general, operating system shells use either a command-line interface (CLI) or graphical user interface (GUI), depending on a computer's role and particular operation.
bash -Bash is a command processor that typically runs in a text window, where the user types commands that cause actions. Bash can also read commands from a file, called a script. Like all Unix shells, it supports filename globbing (wildcard matching), piping, here documents, command substitution, variables and control structures for condition-testing and iteration. The keywords, syntax and other basic features of the language were all copied from sh. Other features, e.g., history, were copied from csh and ksh. Bash is a POSIX shell, but with a number of extensions.
terminal -It's a program called a terminal emulator. This is a program that opens a window and lets you interact with the shell. There are a bunch of different terminal emulators you can use. Most Linux distributions supply several.
2-USEFUL COMMANDS ON LINUX
Now fire up your kali linux and open your terminal
we will talk about the commands we will use in this lesson
Lists the contents of a directory
writes the full pathname of the current working directory to the standard output.
The cd command, also known as chdir (change directory), is a command-line OS shell command used to change the current working directory in operating systems
The mkdir (make directory) command in the Unix
cp is a UNIX command for copying files and directories
is a basic UNIX command used to remove objects such as files, directories, device nodes, symbolic links, and so on from the filesystem
chmod - modify file access rights
for now thats all if i forget to explain a command during our tutorial just google it and try to understand why i used it, its also one of step of stop being a script kid, you need to find the "because" of "why" by your own sometimes.
3-WRITING OUR "hello planet" SHELL SCRIPT
just open your text editor and write the code in the picture below, i wont paste here the code to eliminate the habit of copy and paste, its better when you write by yourself.
i will be using leafpad you can use any other.. so after you finish writing save it as hello_sell.sh
Understanding the script
The line 1 of the script is important. This is a special clue, called a shebang, given to the shell indicating what program is used to interpret the script. In this case, it is /bin/bash. Other scripting languages such as Perl, awk, tcl, Tk, and python also use this mechanism
The lines 2,3,4,5,6 are comments. Everything that appears after a "#" symbol is ignored by bash
the line 7 is the echo command. This command simply prints its arguments on the display
RUNNING OUR SCRIPT
Now go to the folder where you saved your file, mine i did save in Desktop,using the cd command that i explained above, i went to the desktop folder and tried to executed our script but we got one of my favorite error msg"permission denied" what does it means?
it means that we dont have rights to execute this file, so we can again use one of the above commands to give us rights to execute this script, so we will be using the "chmod with the +x options"
and after that our script will be execute normally as in the picture below
wow congratulation bro/sister, you are no longer a script kid, you just run your first own tool, actually in the real world we will not consider it a real tool, but you are getting it, you made your own virtual printer "lol i don't even know if i can say that" but anyway you got it.
4- Understanding how Kali linux commands works
ok now comes the funnier part of this lesson
just type again null__byte.sh or even without the "./"
ooops "another error" command not found, and this is where a lot of script kiddies will stop, a lot of times i see people here on nullbyte posting tutorials with new tools, a script-kid download it then run it with "./" even after years he/she can not understand what is going on behind, why for tools like "nmap,msfconsole,nikto" i dont need to type with the "./" and specify the full path of where the tool is located? Dont panic i got your back, first of open your bin folder in kali linux,
you could also go there by terminal typing : cd/bin
In case you are in the root directory, but i want you to have also a graphical look of it, we can see that there are some files of commands we often use in kali linux such as "cp"echo"dir"chmod"dd" and so on.
so why nullbyte did not work without the "./"?
When you type in the name of a command, the system does not search the entire computer to find where the program is located. you have noticed that you don't usually have to specify a complete path name to the program you want to run, the shell just seems to know.
what happen is that the shell does know. Here's how: the shell maintains a list of directories where executable files (programs) are kept, and only searches the directories in that list. If it does not find the program after searching each directory in the list, it will issue the famous command not found error message.
This list of directories is called your path. You can view the list of directories with the following command:
as we can see from the above pic these are our path where we can place our script, the system will search for scripts inside this folder when we type a command without "./"
note: the path terminate where the new":" starts, so i got the following paths "/usr/local/sbin"
and i guess now you got where i got the other paths.
ok now lets do something very cool, first of copy your file to one of the paths listed above, i will use the first one "usr/local/sbin"
so as i explained above the command to copy is the cp, so lets run it
cp null_byte.sh /usr/local/sbin
now run again our script without the "./"
Wow we got our script working without the "./",
cool but another cool thing you could do also is to run the script without the ".sh".
To do this simply save your script again without ".sh" and copy to your path (I guess now you have an idea where is your path), give the permissions and run it again without ".sh".
Bingo, you just got it running like any other tool inside kali linux
Ok for now you can say that you are not script kid anymore, you start to understand how stuffs work inside kali linux ,and today you have made your own tool"virtual printer ", but professionals do not advice you to proceed this way to run your scripts when you want to run it without specifying the full path and run it with the annoying "./ and .extension" so we have another trick.
A better way would be to edit your .bashprofile to add our bin path, so for this we will need to create our own bin folder somewhere else where we can put our own scripts, so that would be easy to control or manage our script than messing it with system scripts and so on, so lets first create our bin folder, then copy our script to this folder
ok now remove the file from /usr/local/sbin path, (yes i know we could just use move, but i want you to explore more commands)restart the terminal and run null_byte
(oops the same error" command not found") why?
Because we did not tell the system about our new bin folder
So lets edit our bashprofile and tell the system where to look for our scripts.
on kali lnux just run the following command(in case you are using leafpad too) :
and add the following:
save it, restart your terminal and then run it again from anywhere without "./" and .sh
Bingo we got it... our script is running from anywhere in kali linux without the "./" and the ".extension", so for now when someone post a tutorial here and he/she uses a tool that is not by default in kali linux instead of specifying the whole path try to bring them to your bin folder, and run it just like any other tool..and remember don't just copy and paste, don't run tools without the understanding of what is going on behind it, for now that is all, leave your comments below if i miss something or if i said something wrong.. see you in the next lesson...
Hacked by Mr__Nakup3nda