#readwise # Linux Fundamentals - System Information ![rw-book-cover](https://readwise-assets.s3.amazonaws.com/static/images/article0.00998d930354.png) ## Metadata - Author: [[Hack The Box]] - Full Title: Linux Fundamentals - URL: https://academy.hackthebox.com/module/18/section/70 ## Highlights Since we will be working with many different Linux systems, we need to learn the structure and the information about the system, its processes, network configurations, users, directories, user settings, and the corresponding parameters. Here is a list of the necessary tools that will help us get the above information. Most of them are installed by default. - `whoami` - Displays current username. - `id` - Returns users identity. - `hostname` - Sets or prints the name of current host system. - `uname` - Prints basic information about the operating system name and system hardware. - `pwd` - Returns working directory name. - `ifconfig` - The `ifconfig` utility is used to assign or to view an address to a network interface and/or configure network interface parameters. - `ip` - Is a utility to show or manipulate routing, network devices, interfaces and tunnels. - `netstat` - Shows network status. - `ss` - Another utility to investigate sockets. - `ps` - Shows process status. - `who` - Displays who is logged in. - `env` - Prints environment or sets and executes command. - `lsblk` - Lists block devices. - `lsusb` - Lists USB devices. - `lsof` - Lists opened files. - `lspci` - Lists PCI devices. --- ### `whoami` This quick and easy command can be used on both Windows and Linux systems to get our current username. During a security assessment, we obtain reverse shell access on a host, and one of the first bits of situational awareness we should do is figuring out what user we are running as. From there, we can figure out if the user has any special privileges/access. --- ### `id` The `id` command expands on the `whoami` command and prints out our effective group membership and IDs. This can be of interest to penetration testers looking to see what access a user may have and sysadmins looking to audit account permissions and group membership. ... the `adm` group means that the user can read log files in `/var/log` and could potentially gain access to sensitive information, membership in the `sudo` group is of particular interest as this means our user can run some or all commands as the all-powerful root user. Sudo rights could help us escalate privileges or could be a sign to a sysadmin that they may need to audit permissions and group memberships to remove any access that is not required for a given user to carry out their day-to-day tasks. --- ### `uname` Running `uname -a` will print all information about the machine in a specific order: kernel name, hostname, the kernel release, kernel version, machine hardware name, and operating system. - Note: `uname -m` will print the architecture only. ---