Recently, some core changes and tweaks were introduced to the Linux architecture and the kernel itself. This article introduces some of them. Although it focuses on Kali Linux, people using other Linux distributions can also use it. These updates have been around since 2014 but are only now being put to use, as they bring major changes to the way a Linux system works.
This article discusses three core-level changes:
1. Systemd & Systemctl
2. New Network Manager
3. Journal
Systemd is an abbreviation for System Management Daemon. It replaces the init process, which was the parent of all processes on a Unix system in older versions. Systemd starts processes in parallel, whereas init in older versions starts them serially. It was designed to overcome many limitations of init, like kernel panic. The intention was also to make things as clean as possible. As a result, systemd starts much faster than init. There is also a new logging system called journald, which is described later in this article.
Practically, the core change is that run levels have been replaced by targets. All objects are categorized as targets, sockets and services. Starting a runlevel has conceptually become reaching a target.
Read More: http://www.tecmint.com/systemd-replaces-init-in-linux/
1. Check ssh with both methods
2. Some more interesting things using systemctl
Here is a table containing the comparison between init commands and systemd commands. On init-based systems we use the service command to control services, whereas on systemd-based systems we use systemctl. Have a look at the following table and try it for yourself.
Here is a list of other systemctl tricks:
systemctl list-units --type=target   # Shows all targets
systemctl list-units                 # Lists all units; pipe to grep to filter
systemctl list-unit-files            # Lists all unit files
systemctl list-dependencies          # Lists the dependency tree (of default.target when no unit is given)
systemctl get-default                # Shows the default target; graphical.target in Kali Sana
systemctl set-default <target>       # Sets the default target; try multi-user.target
nmcli and nmtui are the two new interfaces to the network manager on newer Unix systems. In Kali Linux v2.0, this new manager for network connections is available. nmcli is the command-line version and nmtui is the curses-like text interface. Other systems like CentOS/RHEL/Fedora are also starting to use nmcli.
Using nmcli, we can add, edit or remove network connections and every small detail of each connection we have. In addition, creating bridges and bond connections (team aggregation) is just a few keystrokes away.
nmcli connection show <connection name>   # press Tab twice to view all connections
nmcli con show eth0                       # replace eth0 with your connection name
nmcli con show eth0   # replace eth0 with your connection name
nmcli con down eth0
nmcli con up eth0
For this, I have added a new adapter to the VM. Let’s give a static address to the newly added NIC.
nmtui is an interactive text interface, so you can explore it by yourself.
Refs: Redhat, GNOME Wiki
Journal is a new system which collects log data, including its metadata, from various sources within a Linux/Unix system. Journal uses a native API for collecting logs from various sources including systemd, other service daemons, the kernel etc. It indexes the collected data and restructures it in an efficient manner. As a result, seek times are lower. In addition, journal works in parallel with legacy systems like rsyslog, and logs are available in the same locations (/var/log).
The journald service is responsible for collecting the logs and doing all the processing. journalctl is an interactive console tool for viewing journals. Because the complete data is indexed, journals can be viewed and sorted very quickly with journalctl, which helps in solving problems a lot faster.
View logs with journalctl.
journalctl
journalctl -xn
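To show what the collected metadata is good for during triage, here is an added example (not from the original article) that reads records in the shape `journalctl -o json` emits and counts failed SSH password logins per source address. The unit name `ssh.service`, the OpenSSH message format and the helper names are assumptions, and the sample records are constructed.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timezone

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def text(field):
    """A journal JSON field is a str, a list of byte values (non-UTF-8 data) or null (oversized)."""
    if isinstance(field, list):
        return bytes(field).decode("utf-8", "replace")
    return field or ""

def failed_ssh(lines, unit="ssh.service"):
    """Summarise failed SSH password logins per source address."""
    hits = defaultdict(lambda: {"count": 0, "users": set(), "first": None})
    for line in lines:
        entry = json.loads(line)
        # Underscore-prefixed fields are added by journald itself, so filter on
        # the unit metadata rather than on what the message text claims.
        if entry.get("_SYSTEMD_UNIT") != unit:
            continue
        m = FAILED.search(text(entry.get("MESSAGE")))
        if not m:
            continue
        user, src = m.groups()
        usec = int(entry["__REALTIME_TIMESTAMP"])  # microseconds since the epoch
        when = datetime.fromtimestamp(usec / 1e6, timezone.utc)
        rec = hits[src]
        rec["count"] += 1
        rec["users"].add(user)
        rec["first"] = min(rec["first"] or when, when)
    return dict(hits)

def _rec(ts, unit, msg):  # hypothetical helper that builds one constructed record
    return json.dumps({"__REALTIME_TIMESTAMP": str(ts), "_SYSTEMD_UNIT": unit, "MESSAGE": msg})

# Constructed sample records; addresses come from the documentation ranges.
SAMPLE = [
    _rec(1439900000000000, "ssh.service", "Failed password for root from 203.0.113.7 port 40112 ssh2"),
    _rec(1439900004000000, "ssh.service", "Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2"),
    _rec(1439900009000000, "ssh.service", "Accepted password for kali from 198.51.100.20 port 51000 ssh2"),
    _rec(1439900010000000, "session-2.scope", "Failed password for root from 192.0.2.99 port 22 ssh2"),
    _rec(1439900012000000, "ssh.service", list(b"Failed password for invalid user \xff from 203.0.113.7 port 40120 ssh2")),
    _rec(1439900015000000, "ssh.service", None),
]

if __name__ == "__main__":
    for src, rec in failed_ssh(SAMPLE).items():
        print(src, rec["count"], sorted(rec["users"]), rec["first"].isoformat())
```

On a live system, pass the lines printed by `journalctl -u ssh.service -o json` to `failed_ssh` instead of `SAMPLE`.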
Refs: Redhat, DigitalOcean
Putting it all together, Kali Linux has had a complete core-level changeover. Maybe that’s one of the reasons why the developers have gone from version 1.1 to 2.0 directly. With an improved kernel, logging system and network manager, Kali Linux 2.0 has proved to be more stable and to emerge (or remain) as an industry-standard pen-testing distro.