The terminal is a key component of any pen tester's setup. We're going to be spending a lot of time working with the terminal, so the goal is to be comfortable with it. We want something that is appealing to our eye, feature-rich, and stable. A good terminal emulator will help us manage our workflow efficiently. For macOS, my preferred terminal emulator is iTerm2. An honorable mention goes out to Cathode, which attempts to replicate the feel of using an old terminal.
In this article, we will be using your Mac's default Terminal app to install iTerm2. Doing the installation in this way will help new users get familiar with the CLI (command line interface). If you're old hat and already have a solid grip on the command line, a refresher never hurts.
The default macOS terminal app is simply called Terminal, and is located in the Utilities folder in Applications. You can just search Spotlight for Terminal to open it quickly. Its features include:
- a plethora of color schemes
- window groups
- terminal tabs
- a split pane
- some man page integration
Terminal.app is a solid choice, but it lacks some features that I personally like having access to. This is why I recommend iTerm2, which has all of the features of Terminal and more. A few of my favorites are mouse-less copy, autocomplete, and last but not least, a hotkey terminal window.
You can download iTerm2 directly from its website, but I want to show the install process using the macOS Terminal app instead. Throughout these steps, I have italicized the commands you will be entering into your terminal.
First, go ahead and open the Terminal app. When Terminal is first opened, the working directory is your home directory. Since we're about to download a file, I think the best place to put it is in our "Downloads" folder, so let's navigate there:
- cd ~/Downloads
This command changes us to the home directory's "Downloads" folder. The ~ character represents the home directory.
Next we need to get iTerm2 using the download link on its website. In order to do this, we will need to use the curl command, since wget isn't built into macOS.
Curl is a powerful command line tool for getting or sending files using URL syntax. The -O option is equivalent to --remote-name, which writes curl output to a local file name based on the remote file we get. Without using the -O option, the data for our download is simply printed to stdout. You can read more about curl or almost any other command in the man pages. For curl the command would be:
- man curl
Let's confirm that the file we have hasn't been tampered with. The site lists the SHA-256 of the zip file as:
Since the developer did not include a properly formatted SHA checksum file, we have to do this manually:
- shasum -a 256 iTerm2-3010.zip
This command computes a SHA hash of the given file. The -a switch selects which algorithm to use. Since this is a SHA-256 checksum, we use 256. Compare the output with the value listed on the site; the two must match exactly.
With the checksum verified, we know that the file hasn't been tampered with. It also lets us know that the download isn't corrupted.
Now we need to unzip the file:
- unzip iTerm2-3010.zip
Once the file is unzipped, we will do a quick listing (ls) of the directory to verify the file is in the right place:
We see that we have both iTerm2 and the .zip archive. Next, we move the iTerm.app into our Applications folder:
- mv iTerm.app/ /Applications/
Lastly, we remove the .zip file—there's no reason to have it taking up space on our system.
- rm iTerm2-3010.zip
The next step is to launch iTerm2. Depending on your system's security settings, you may have to make an exception before you can open iTerm2.
I trust the iTerm dev team, and feel comfortable making this exception. If you do not, I recommend staying with the default Terminal app included with macOS. We could easily create the exception by navigating to the iTerm2 app in the Applications folder. Then, control-click (or right-click) on it and select "Open"; or we could do it in the Terminal:
- spctl --add /Applications/iTerm.app/
After executing this command, you may be prompted to enter your username and password. Spctl is macOS's CLI way of interacting with Gatekeeper. In this command, we simply added iTerm2 to our security exceptions list. With that out of the way, we're ready to launch iTerm2:
- nohup open /Applications/iTerm.app/ &>/dev/null &
In this command, we use nohup (no hang up), which will keep our command running even if we close the Terminal.app that spawned our iTerm2 process. Open tells the Terminal to open the file as if we had double-clicked on it. Next is the path to the file we are opening. Lastly, &>/dev/null redirects stdout and stderr to /dev/null. Normally, nohup would create a nohup.out file containing both stdout and stderr, but in this case, we don't need it. The & at the end of the command tells it to run in the background, thus returning us to our shell prompt.
With that out of the way we can quit Terminal. We also have iTerm2 working!
If you haven't been in the terminal for a while, or if this is your first excursion into the CLI, think of this as a warm up. We could have installed this app entirely in the GUI, but these tutorials will begin relying on a terminal more in the future. If you are interested in learning more, I recommend reading the first couple of articles in our Linux Basics series. If there is enough interest, I would be willing to do a similar series revolving around macOS.
We've covered a lot of ground on terminal usage—even if it was just doing something as basic as installing an application—and also got ourselves a great terminal emulator! Still to come in this series on getting a Mac ready for hacking, we will be looking at a package manager, basic vim, Ruby, and more. As always, if you have any questions or comments, feel free to post them below.