Linux CLI Utility Tools

What is the Linux CLI, and Why to Use Linux CLI?

Linux is not only used with a graphical user interface. Sometimes you might want to use a terminal to do your tasks easily. Therefore, all Linux users need to know some tools that can be used in the terminal. The main aim of the report is "everyone gets it together." So, you will find some of the best tools in the Linux ecosystem.

Linux is a family of open-source operating systems based on the Linux kernel. Many distributions, or versions, of Linux are available, each with unique features and software packages. Despite these differences, most Linux distributions use the same basic command line interface (CLI) and include many of the same core utilities.

The CLI is generally consistent across different Linux distributions based on standards set by the POSIX (Portable Operating System Interface) and the Single UNIX Specification. These standards define functions and commands common to all compliant operating systems, including Linux. As a result, most Linux distributions include a CLI based on these standards and many of the same commands.

This article will answer the fundamental questions about the Linux CLI. We have described the working architecture, its advantages, and some limitations. In addition, we have given examples of many useful commands. The next part will contain the performed and applied versions of these commands on many practical scenarios that interest IT sector employees.


Linux CLI – Advantages and Disadvantages

Since the Linux CLI (command line interface) is harder to use than a GUI (graphical user interface), people may ask why the Linux CLI exists and why some people recommend using it. Therefore, it is important to list the advantages and disadvantages of the Linux CLI.

Advantages:

  • Efficiency: The CLI allows users to quickly and easily perform tasks by typing commands rather than navigating through graphical user interfaces (GUIs). This can be particularly useful for tasks that are repetitive or require precise input.
  • Customization: The CLI allows users to customize their environment and create scripts to automate tasks. This can be especially useful for system administrators and developers who need to perform complex tasks on multiple systems.
  • Advanced features: The CLI often provides access to advanced features and options that may not be available through a GUI.

Here are some potential disadvantages of using the Linux CLI:

  • Learning curve: The CLI requires users to learn and remember commands, which can be a steep learning curve for those who are not familiar with it.
  • Lack of accessibility: The CLI may not be as accessible for users with disabilities, as it relies on keyboard input and does not have many built-in accessibility features.
  • Lack of visual feedback: The CLI does not provide visual feedback in the same way that a GUI does, which can make it difficult for some users to understand what is happening.

Linux CLI commands are almost always the same with each Linux distribution, especially the most used ones. However, some commands (e.g., package managers) are different for each Linux distribution.

How does Linux CLI Work?

Both the Linux CLI and the GUI work on the shell component of the operating system. The shell interprets commands, which are just applications. So, users run an application through either the CLI or the GUI, and the shell interprets it for the deeper levels of the operating system, as can be seen in the figure.

Figure 1: Linux system architecture

Behind the Scenes – How are Commands Executed?

When you enter a command in the Linux command line interface (CLI), the command is first split into words by the shell. The first word is treated as the command itself, and the remaining words are treated as arguments to the command.

Commands in the Linux command line interface (CLI) are typically implemented as programs written in a programming language such as C or Python. These programs are usually stored as executable files on the file system, and they can be invoked by typing their name at the command prompt.

When a command is invoked, the operating system creates a new process to execute the command. A process is an instance of a program that is being executed. The process is given the arguments specified on the command line, and it begins executing the code in the program.

The process executes the code in the program by reading the instructions in the program’s executable file and performing the actions specified by those instructions. These actions can include reading and writing data to and from files, interacting with the operating system, and performing calculations.

When the process finishes executing the code in the program, it terminates and control is returned to the shell. The shell then prompts the user for another command.

Multiple Shells

The shell creates a copy of itself to run a command. The newly created copy turns itself into the command that the user wants to execute. The original shell waits until the command's job is completed. Once its job is completed, the original shell takes its place again.
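The copy, replace and wait sequence described in the last two sections can be observed from the shell itself. The following is an added example, not part of the original article; the function names are hypothetical.

```shell
# Added illustration; the function names are hypothetical.

# Run "$@" the way the text describes and print "shell_pid child_pid exit_status".
fork_exec_wait() {
    "$@" &                      # a child process is created to run the first word,
    child=$!                    # with the remaining words passed as its arguments
    status=0
    wait "$child" || status=$?  # the original shell blocks until the child terminates
    printf '%s %s %s\n' "$$" "$child" "$status"
}

# exec swaps the program running inside a process without creating a new
# process, so the PID printed before exec and the PID printed after it match.
pid_across_exec() {
    sh -c 'echo "$$"; exec sh -c "echo \$\$"'
}

# Two different PIDs, and the exit status 3 of the child handed back to the shell.
fork_exec_wait sh -c 'exit 3'
# The same PID on both lines: the copy became the command instead of starting it.
pid_across_exec
```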

How to Run CLI on Linux?

To run a command-line interface (CLI) on Linux, you can use a terminal emulator. A terminal emulator is a program that allows you to interact with the command-line interface of an operating system.

The architecture of a terminal emulator generally consists of two main components: the user interface and the terminal emulation engine.

The terminal emulation engine is the part of the terminal emulator that handles the actual communication with the operating system. It is responsible for sending the commands that the user enters through the user interface to the operating system, and displaying the output from those commands in the user interface. The terminal emulation engine may also include additional functionality such as support for different terminal types and protocols, as well as support for features such as terminal window resizing and scrollback.

Overall, the architecture of a terminal emulator is designed to provide a convenient and efficient way for users to interact with the command-line interface of an operating system, without the need for a physical terminal.

You are free to use any of these emulator selections, which vary depending on your operating system distribution.

The following sections will include the use and explanation of the popular commands.

The Most Commonly Used Linux CLI Commands

File Managing and Editing Commands

grep

Stands for Global Regular Expression Unit. You can use this tool to search for an exact word or a part of a word. When the word is found, all of the lines that include that word are printed. So, this is a useful tool for filtering long log files. This command can be used in many scenarios. For example, you can find certain types of files in a directory by typing:

ls | grep '\.pdf$'

Another possible reason to use it may be filtering IP addresses in a file created by tcpdump or Wireshark. These applications watch the activity on a network, and you can filter the demanded IP address out of their output.

sed

The sed (stands for Stream Editor) command modifies text. When using this command, you can edit files even without opening them. This saves the time spent searching for or trying to change something in a file. The sed command supports Python regex (regular expressions). Thus, it allows us to write more complex and detailed patterns. You can delete, modify or add text with this command. Its use cases vary. For example, you may want to remove your IP address from a pentest report so that only the hacker's IP address remains. You can delete every line that contains a certain string like this (the IP address is hypothetical, and the filename is assumed to be report.pdf):

sed '/192\.168\.100\.10/d' report.pdf

You may also want to replace your IP address with other characters to hide it.

sed 's/192\.168\.100\.10/{Tester IP Address}/g' report.pdf
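Two details decide whether such a redaction hides exactly one address: an unescaped dot matches any character, and 192.168.100.10 is also the beginning of 192.168.100.100. The following added example (not from the original article) compares a naive substitution with a stricter one; the function names and the report text are constructed, and the label is assumed to contain no "/" or "&".

```shell
# Added illustration; redact_ip, naive_redact and the report text are constructed.

sample_report() {
cat <<'EOF'
Scan started from 192.168.100.10 against 10.0.0.5
Host 192.168.100.100 responded on port 22
Callback received by 192.168.100.10:4444
Build 192x168y100z10 is unrelated
Seen: 192.168.100.10 192.168.100.10
EOF
}

# Naive form: $1 is used as a pattern as-is, so each "." matches any character
# and the address also matches as a prefix of a longer one.
naive_redact() {
    sed "s/$1/$2/g"
}

# Strict form: replace only the exact address $1 on stdin with the label $2.
redact_ip() {
    # Escape the dots so that "." means a literal dot.
    ip_re=$(printf '%s' "$1" | sed 's/\./\\./g')
    # Require a non-digit (or the line edge) on both sides of the address.
    expr="s/(^|[^0-9])${ip_re}([^0-9]|\$)/\\1${2}\\2/g"
    # Applied twice: two hits separated by one character share that boundary
    # character, so the first pass can only take one of them.
    sed -E -e "$expr" -e "$expr"
}

sample_report | redact_ip 192.168.100.10 '{Tester IP Address}'
```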

cut

This command extracts selected fields from each line of input. In the example below, it is used to get the IP address of a device. The ifconfig command is used to display the network configuration of a device. The output of ifconfig is piped to grep inet, which searches for lines containing the string "inet", which are the lines that contain the device's IP address. The output of grep inet is then piped to cut, which extracts a specific field from the input. The -d " " option tells cut to use a space as the delimiter, and the -f 10 option tells it to extract the 10th field from the input. The 10th field will be the IP address of the device.

ifconfig | grep inet | cut -d " " -f 10

awk

This command edits files too. For example, suppose you have a network log that includes IP addresses in the first column. You can search for a specific IP address in that log (the network log file's name is assumed to be "logfile.txt"):

awk '{ if ($1 == "192.168.123.123") print }' logfile.txt

xargs

Some commands do not take their arguments from a pipeline. The xargs command makes that possible. For example, you can replace the old IP address with a new IP address under the /etc directory by typing this:

grep -rl '192\.168\.1\.111' /etc | xargs sed -i 's/192\.168\.1\.111/192.168.2.111/g'

Here the grep command finds the files in the /etc directory that contain the old IP address. Then the sed command replaces the old IP address with the new one, as we explained previously.
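By default xargs splits its input on whitespace, so a file name that contains a space reaches sed as two arguments. The following added example (not from the original article) runs the same pipeline with NUL-separated names on a scratch directory instead of /etc; it assumes GNU grep, xargs and sed, and the function and file names are constructed.

```shell
# Added illustration; assumes GNU grep, xargs and sed. Names are constructed.

# $1 = directory to search, $2 = old address, $3 = new address
replace_ip_in_tree() {
    # Escape the dots so that "." means a literal dot in both grep and sed.
    old_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    # grep -Z ends every file name with a NUL byte and xargs -0 splits on NUL
    # only, so a name with spaces or newlines is passed to sed as one argument.
    # xargs -r does not run sed at all when grep finds no file.
    grep -rlZ -- "$old_re" "$1" | xargs -0 -r sed -i "s/${old_re}/${3}/g"
}

# Build a scratch tree, run the replacement and print both files afterwards.
demo_replace() {
    dir=$(mktemp -d)
    printf 'server=192.168.1.111\n' > "$dir/my app.conf"   # name with a space
    printf 'peer=192x168y1z111\n' > "$dir/other.conf"      # look-alike, no dots
    replace_ip_in_tree "$dir" 192.168.1.111 192.168.2.111
    cat "$dir/my app.conf" "$dir/other.conf"
    rm -rf "$dir"
}

demo_replace
```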

Networking Commands

lsof

Lists open files and their associated processes. This can be used to view the network sockets that a program has open, as well as the IP addresses and port numbers of the remote hosts that the program is communicating with. For example, you could use the following command to view the network sockets that a program with the process ID (PID) 12345 has open:

lsof -i -a -p 12345

This will show all open network sockets that are associated with the process with the PID 12345, along with the IP addresses and port numbers of the remote hosts that the program is communicating with.

netstat

A monitoring application for network communications. For example, you can see all sockets (with the -a flag) and their connected programs by name and PID (with the -p flag). You can see the programs running with http or https by filtering with grep:

netstat -ap | grep http

tcpdump

tcpdump is a command-line utility that allows you to capture and analyze packets transmitted or received over a network. It can be used to troubleshoot network problems, monitor network traffic, and capture packets for analysis. When you run tcpdump, it will capture and display packets on the network in real time, showing you the source and destination of each packet, the protocol being used, and other information about the packet. You can use various options to specify which packets you want to capture, how you want the packets to be displayed, and where you want the output to be saved. For example, you can use the -i option to specify the interface you want to capture packets on, the -c option to specify the number of packets you want to capture, and the -w option to save the captured packets to a file.

tcpdump -i any > test.txt
# after the sniffing is completed, filter the results to get the source and destination
# to get the source:
grep ">" test.txt | cut -d ">" -f 1 | awk '{print $(NF)}'
# to get the destination:
grep ">" test.txt | cut -d ">" -f 2 | awk '{print $1}'

In the examples above, the grep command finds the ">" character and outputs the lines containing that character, the cut command uses the ">" character as the delimiter and splits each line into two halves, and lastly the awk command prints the last column of the first half and the first column of the second half, so that we can get the source and destination.
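The same field logic can be taken one step further to count how often each source talks to each destination, which is usually the first question asked of a capture. This is an added example, not from the original article; the capture lines are constructed in the numeric form tcpdump prints with -n, and the function names are hypothetical.

```shell
# Added illustration; the capture text below is constructed, not a real trace.

sample_capture() {
cat <<'EOF'
12:00:01.100000 IP 192.168.1.10.51514 > 93.184.216.34.443: Flags [S], seq 1, win 64240, length 0
12:00:01.130000 IP 93.184.216.34.443 > 192.168.1.10.51514: Flags [S.], seq 9, ack 2, win 65535, length 0
12:00:02.000000 IP 192.168.1.10.40000 > 8.8.8.8.53: 4242+ A? example.com. (29)
12:00:02.020000 IP 8.8.8.8.53 > 192.168.1.10.40000: 4242 1/0/0 A 93.184.216.34 (45)
12:00:03.000000 IP 192.168.1.10.51514 > 93.184.216.34.443: Flags [.], ack 10, win 502, length 0
12:00:04.000000 ARP, Request who-has 192.168.1.1 tell 192.168.1.10, length 28
EOF
}

# Read tcpdump text on stdin and print "count source destination" for every
# address pair, most frequent first. Lines without " > " (ARP here) are skipped.
talkers() {
    grep ' > ' | awk -F ' > ' '{
        n = split($1, left, " ");  src = left[n]    # last word before ">"
        split($2, right, " ");     dst = right[1]   # first word after ">"
        sub(/:$/, "", dst)                          # drop the trailing colon
        sub(/\.[0-9]+$/, "", src)                   # drop the source port
        sub(/\.[0-9]+$/, "", dst)                   # drop the destination port
        count[src " " dst]++
    } END { for (pair in count) print count[pair], pair }' | sort -k1,1nr -k2
}

sample_capture | talkers
```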

host

Let’s say you find a suspicious domain name, and you want to find what its IP addresses are. You can use this tool and make the output cleaner with simple filtering in two different ways. To give an example, we used microsoft.com:

host microsoft.com | cut -d " " -f 4
host microsoft.com | awk '{print $4}'

Both command combinations above do the same thing. The host command gets the IP addresses of microsoft.com, and the cut and awk commands take out the fourth column so that we see only the IP addresses.

Conclusion

Linux gives users the flexibility to tackle their tasks from a variety of perspectives. Its terminal capabilities make it an especially useful tool for tech-savvy folks who prefer getting things done without relying on visual components!

In conclusion, the Linux Command Line Interface (CLI) is a text-based interface that allows users to interact with the operating system and perform various tasks, such as managing files and installing software. It is a powerful tool that is often more efficient and faster than using a graphical user interface (GUI), and it can be used to automate tasks and access and manage remote systems. The CLI is an important tool for many Linux users, particularly system administrators, and, of course, is a key part of the Linux operating system.
