Access your FREE Linux lab here: https://bit.ly/3FJOXnN (HTB Academy)
Welcome to episode 7 of the Linux for Hackers series. In this episode, NetworkChuck takes you on a journey of how to manage processes in Linux. He covers everything from how to find processes, put them in the foreground and background, and even how to KILL processes!!
Check out HTB:
-HTB: https://bit.ly/3dZ31NF
-HTB Academy: https://bit.ly/3q80iqC
🔥🔥Join the NetworkChuck membership: https://ntck.co/Premium
Sponsored by Hack The Box
0:00 ⏩ Intro
1:49 ⏩ Access your FREE Linux Lab
2:23 ⏩ recap: What is a Linux Process?
2:54 ⏩ the PS command (diving deeper)
4:40 ⏩ how to KILL a Linux Process
5:40 ⏩ find a process id by name (pgrep)
6:28 ⏩ ps….let’s talk more about it
8:00 ⏩ how to monitor Linux processes (top and htop)
9:01 ⏩ background and foreground processes
15:02 ⏩ the KILL command (deep dive)
Okay, here we go. This one’s gonna be quick. So get your coffee ready. Today we’re gonna learn how to manage our processes, processes.
Hello and welcome to episode seven of my Linux for hackers, and everyone, cuz everyone needs to learn Linux, series. Today we’re learning one of those skills that you just, just have to know when you’re messing with Linux, and that’s how to deal and manage with those pesky processes, processes. I can never say that right. Now, if you’re a Windows user, you deal with this kind of crap all the time, right? They’ll do control, delete, open up your task manager. And if something’s acting up, go in here and just stop that sucker, end that task. I’m gonna show you how to do that and more in Linux, and of course it’s all through the command line. So it’s much more sexy anyways.
And we’re able to do this because of the sponsor of this entire series, Hack The Box Academy. So seriously, check the link below, launch that free lab, so you can follow along as we go through stuff in Linux. And also, what is Hack The Box Academy? Well, if you want to become a hacker or you have a passing curiosity in what the junk hacking is, that’s the place to start, man. They give you everything you need, all the foundational knowledge, to step forward and learn how to become a hacker. So if you’re like starting at zero, you’re like, I don’t know what to do, they’ll tell you what to do. So yes, use their lab right now for free as we go through Linux, and also don’t be afraid to play around and go to other stuff. It’s awesome. But anyways, no time to waste.
Let’s launch our free lab right now. So get your stuff logged into Hack The Box Academy. I’ll again have a link below. Once you’re logged in, we’re gonna jump into our Linux fundamentals course, and on the right column here, we’re gonna jump into service and process management right here, and then here comes the fun part. We’re gonna scroll down just a little bit right here until we see my workstation. To access that lab, we’re gonna click on start instance. That’s gonna start up super fast and there it is, our little bitty Linux box. So you have to like really squint to be able to access everything. No, I’m just kidding. Just click on, um, interact. It’ll open up the massive browser window for you. Yeah. Look at us. Look at us here. So like I said before, we’re talking about Linux processes, processes, and if you’re wondering, uh, what the junk is a Linux process, jump back to the previous video.
The previous episode, episode six, we talk about it. Basically every time you launch an application or do really anything on Linux, boom, a process has started. So for example, I just launched Firefox, ready to go. There he is. This is a Linux process. And by the way, right now, go ahead and do that yourself. Launch Firefox, click on that guy. Just have ’em sitting there looking all pretty. And at the same time we’re gonna launch our Linux terminal. Our favorite place to be. Woo. There’s my guy right there. So we’ll launch that guy real quick, and right here with one command, ps, we can see some of our running processes. Well, hold on, wait, we don’t see Firefox right there.
Copy that and paste it. And then we do a pipe and grep for Firefox. There it is. Whoo, okay. Time for a coffee break on that one. And if you’re wondering what the junk just happened, don’t worry. We’re gonna walk through all that. I just wanted to scare you for a second. Okay. So the ps command
ps, all that’s doing right now is telling me what’s running right here in my terminal. The one I just launched and what’s running right now. Well, it’s our bash shell and
Not crazy. We can easily scroll through it, but who wants to do that? So we’ll do a pipe and we’ll grep, which, grep is just Linux-speak for finding stuff.
How do we do that? We kill him with the kill command.
You’ll love it. Trust me, watch this. So instead of using the ps command, there’s a command called pgrep
Now we’re gonna take a step back. We’re gonna stop killing things just for a moment, but we’ll get back to it. Don’t worry. I’m gonna clear my, my terminal here. And I wanna get back to focusing on the ps command, cuz he’s, it’s a big command. You can do a lot with it. First, like my previous video where I talked about getting help, you can do ps dash help. Now it didn’t give us help just yet. It just gave us help with the help.
That’s nice. Now normally when you’re using ps, you end up using a couple switches all the time. The three I always use are a, u and x. So I’ll do ps dash aux: a being all users; x, which means processes that were not executed by this terminal. So just all, all the stuff. And then u, which does not show up here, it’ll simply list the user that that process belongs to. You would’ve seen this command in the last video as well. So ps dash aux, and it gives you a ton of output. Expand this a bit. The first gajillion of the processes are all owned by root. You can see their username right here, the process ID. And as you scroll down a bit, you’ll start to see other users. And again, the most common way I use this is by doing ps aux and then doing grep for whatever program I’m looking for.
So if I do Firefox, he’s still alive. That’s okay. We’ll kill him for good here in a bit. It’s like Jason. And I normally do that because not all systems will have pgrep installed. Now, before we go deeper into processes and how to kill them and all the different kill switches we can use. Yeah, does that not sound fun? Right? I told you. Uh, let me show you two commands that are pretty fun here, and how to monitor the processes on Linux. The first command is simply top. New command time: top. That’s it. Really fun. Watch this, just hit enter. Ooh, that’s fun. Look at that. What this is doing here is showing you the running processes, processes, there we go, and it’s sorting them by their CPU usage. So we got a process ID right here, the user running the sucker, we got CPU, memory.
And if you’re wondering what this process is that’s taking up all of our stuff, it’s, um, VNC. It’s how we’re accessing this box in a browser. So it’s taking up the most stuff. So from here, go ahead and hit q, that’s gonna get you outta there. And an even better one is htop. Let’s try it out. This one’s pretty, trust me. Woo. So it’s essentially doing the same thing as the other one, but it’s, it just looks cooler, right? Like I wanna leave this up all day. It’s just awesome. So it’s just a fun way to monitor what’s going on with your Linux box. Anyways, let’s move on. Hit q to get outta there. Let’s clear our screens, cuz we’re about to do some more stuff, in perfect time for just a little, little coffee break. So right now we’re gonna stay in terminal land.
We’re gonna stay right here in our shell. I wanna talk about two things. Two types of processes. I said it right that time and it was easy. Okay. I, I’m getting better. We have our foreground processes and we have our background. Every time I say it now, I feel like I’m saying like a foreign language. It is very strange. Let’s do a foreground process real quick just to connect the dots here. So right now, go ahead and type in ping, which is the utility network engineers and pretty much anyone in IT uses to make sure things are up. It says, Hey, are you there? And they reply, yes, I’m here. I’m awake. That’s what ping is. So we’re gonna do ping. We’ll do a dash c, which stands for count, and we’re gonna send 100. Hey, how you doing? And then I’ll specify the server.
I’m going to ping. So let’s go ahead and do networkchuck.com, my website. Hit enter and it’s going to send a ping. And right now we’re getting replies back saying, yes, I’m awake. Yes, I’m awake. And it’s gonna do that 100 times. This is an example of a foreground process. Cuz it’s right here in front of us, we can’t really do anything with the terminal. It’s interrupting it. We either have to wait for it to finish or stop it. So right now, go ahead and do Ctrl-C, which was a version of kill. I’ll explain it here in a bit. That’s a foreground process. Another popular one you might see as you’re learning this would be sleep. Type in sleep. And then like, let’s just do 30. That’s gonna sleep for 30 seconds right now. Go to sleep and just wait. And while it’s waiting, we can’t do anything.
It’s just stuck. If we do Ctrl-C to kill it, um, it, it’s stopped. So that’s a foreground process. Now what’s really cool is we can take these foreground processes like a ping job, that, that feels weird saying that, we can take a ping and we can actually put that sucker in the background. Let’s try it out. So let’s go ahead and do our thing here. We’ll do ping dash c. We’ll do one of the thousand, cuz that doesn’t really matter. And we’ll do networkchuck.com again and start that bad boy, hit enter. So it’s gonna go, whatever. Now, while it’s going, do this, do Ctrl-Z on your keyboard, which has happened now in case you didn’t hear the emphasis. I said, Ctrl-Z, not C, Z, Z. It’s the sleeper hold, man. We put him to sleep. We knocked him out. We can see right here, he has been stopped.
We can get a list of our current running jobs or the jobs we put to sleep by typing in jobs. And this will show us our jobs table. There it is right there. There’s our ping that we had going. We put him to sleep with Ctrl-Z. Bam, knocked him out, and now he’s just kind of chilling. Now real quick, just so you know, he’s still a foreground process. Again, he’s just asleep. What do you say we change him to a background process? And it’s actually very, very simple. So notice one thing right here. The one
If we had more than one job, we’d have to specify the job ID. We can go ahead and do that just by doing one. Now, what do you think is gonna happen when I run this? Let’s try it out. Hit enter. He starts running again. Now it seems like he’s still running as a foreground process. Kind of feels the same, but try this. Try to stop it. Try to do Ctrl-C. Nope. He doesn’t stop.
Now going with the same pattern we’ve already went with, what do you think the command is? If you guessed fg, you’re a genius, man. So type in, and it’s gonna be kind of hard to see it, but trust me, it’s gonna happen, type in fg. Do, do a space and do one and boom. So now he’s back to being a foreground process, and if we do Ctrl-C, he stops. So that’s kind of cool. So we took our ping command. We put him to sleep with Ctrl-Z, did bg to put him in the background. Now he’s running in the background. We can’t touch him. Then we did fg to bring him back into the foreground. Go and try it a few times yourself, just play around with it. It’s fun. It’s not gonna hurt anybody. It’s good practice. Now real quick, just for fun, I’m gonna start a bunch of stuff and just put ’em all to sleep.
So I’ll do like a ping dash c 1000, 10,000, however many, networkchuck.com. Then I’ll do Ctrl-Z to put him to sleep. I’ll do sleep, an actual sleep. I’ll do sleep 60. That’s currently running in the foreground. I’ll put him to sleep. I’ll put sleep to sleep, kind of weird. Right? I type in jobs. I can see they’re both stopped. There’s ping. There’s sleep. Sleep was put to sleep. That’s like Inception, isn’t it? Leonardo DiCaprio. And let’s just do one more. I’ll do ping dash c 100 google.com. Get that going, put him to sleep. Now if we type in jobs, we got three jobs in there that are stopped. Now real quick, I want you to go ahead and start job number three and put him in the background. Go. Now, to do that, it’s pretty simple. bg 3. Google’s now doing stuff.
Can’t stop him. He’s just gonna do it. But if I bring him back to the foreground by doing fg 3 and then Ctrl-C, he’s done. Now if I type in jobs, he’s gone, cuz we, we, we killed him.
He’s number three, I’ll do fg 3 and then stop him. He’s gone. And by the way, processes can have a number of statuses. Um, if, if we take a look at Hack The Box, it gives the main ones: running, which is a good thing, waiting, stopped. And then, ooh, zombies. Anyways, there’s more than that. And we can actually see that by doing a, um, oh, what happened? Like, let me do my ping once more. I’ll do ping dash c one networkchuck.com. I’ll Ctrl-Z that, put him to sleep, which is actually stopping him. Um, if I do ps dash ax, there he is right there. ping dash c, blah, blah. And then there’s his status, which is T, which stands for stopped. It actually stands for traced, but it means stopped. Now let’s get back to killing things.
There are some things you gotta know about the kill command. Whenever we use the kill command to kill a process, it’s actually sending a kill signal, and there are different signals we can send. For example, when we just by default say kill, let me show you the list. If I type in kill, it’s just a weird thing to type in, and do a dash l, it will list all the possible signals we can send. If you’re like, whoa, that’s overwhelming.
So as like a saw ops kill, it’s like, I’m gonna shoot, but I don’t know. I don’t know a good analogy for that, but essentially ask a process nicely, please die. And he can refuse. So if you ever use the kill command and you don’t actually specify a kill signal, it may not kill that process. Especially if he’s going a little crazy. Now, a couple of the kill commands, and this is what’s really cool. Um, I bet you didn’t know that when we’re pressing Ctrl-Z and Ctrl-C, we’re actually doing kind of a shortcut for the kill command. It’s just specifying a different signal. So for example, when we’re using the Ctrl-Z command, I’ll write it down, cause I know it sounds similar, Ctrl-Z, we’re actually using kill signal 19, or, easier, SIG stop. And then if we do Ctrl-Z again, the second time we’re using 18, SIG continue. It’s kind of cool.
Right? And then for control C, we’re doing number two, SIG interrupt. Like, Hey, Hey, I don’t mean to interrupt, but I do
I’m just gonna type in ps right here in our terminal. And there he is. There’s Mr. Sleep. Dr. Sleep 2 1 3 74. So I’m gonna do kill. And the kill signal is dash 19 and it will specify the ID T T 1 3 2 1 3 7 4. Bam. I stopped sleep. I type in jobs. There he is. So it’s essentially the same thing as doing Ctrl-Z. It’s kind of cool. Now I’m gonna start another sleep process. I’ll do sleep 700, do an ampersand and put him straight to the background. Type in jobs. There he is. I’ll do a ps to see what his process ID is. And I know it’s this one, cuz it gave it to me up here. But I went ahead and did this. So there it is. I do a kill, and this time I wanna do a Ctrl-C, so I’ll do a kill dash two and then his process ID 2 18, 8, 7. Interrupted. Interrupted his sleep.
I’ll do a bunch of pings. I’ll put them all in the background. So right now I’ve got a bunch of pings running in the background. Let’s say I wanna kill all of them, all at the same time. How do we do that? If you already know how to do that, try it out real quick. Let me show you now though. So I’m gonna open up another terminal. Now, just like the ps command had the pgrep command, the kill command has the pkill command, which is so cool. Check it out. So instead of kill, I’m gonna type in pkill, and what’s cool about this is I don’t have to specify a process ID. I can simply say a name. So I’ll do pkill. I’ll do dash nine, cause I wanna, I want to kill ’em, and uh
Let’s see what happens did you, did you, is it look, they all stopped. They’re done. I type it. Oh yeah. Look they’re they all are killed. Triple kill.
Cool stuff. Anyways. That’s all I have today, guys. Again, huge shout out to the sponsor of this entire series, Hack The Box Academy. Don’t forget to check them out. You should have already checked them out using the lab they’ve provided for us for free. Yeah, check ’em out. And also, hey, have you hacked the YouTube algorithm today? If you haven’t, make sure you do. Hit that subscribe button, comment, um, the like button. I’m forgetting them now. Oh, the notification bell. You gotta hack YouTube today. Ethically, of course. And also, if you are curious about how to learn bug bounty, which is a really cool sector of hacking where you get to hack companies legally, I’ve got a course set of partner with NA SEK on below. Check it out. Anyways, that was episode seven. I’ll see you in episode eight.
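
The signals walked through in the episode (19 to stop, 18 to continue, the default kill, and 9) can be checked by watching the process state and the status the shell reports afterwards. This is an added example, not part of the video or its transcript; it assumes Linux with `/proc` and the x86/ARM signal numbers used in the episode, and the function names are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the episode). Linux only: reads /proc/<pid>/stat.
# Function names are illustrative; signal numbers are the x86/ARM Linux ones.

# Print the one-letter state of PID $1 (S = sleeping, T = stopped, R = running).
proc_state() {
    stat=$(cat "/proc/$1/stat" 2>/dev/null) || return 1
    stat=${stat##*) }          # drop "pid (comm) "; comm may contain spaces
    echo "${stat%% *}"
}

# Poll up to ~2 s for PID $1 to reach state $2 (signals land asynchronously);
# print the last state seen, or "gone" if the process no longer exists.
settle() {
    for i in $(seq 1 40); do
        s=$(proc_state "$1") || s="gone"
        [ "$s" = "$2" ] && break
        sleep 0.05
    done
    echo "$s"
}

# kill -19 then kill -18 on a sleeper; print the state after each signal.
stop_and_continue() {
    sleep 300 >/dev/null &
    pid=$!
    kill -19 "$pid"; stopped=$(settle "$pid" T)   # SIGSTOP: cannot be caught or ignored
    kill -18 "$pid"; resumed=$(settle "$pid" S)   # SIGCONT: back to sleeping
    kill -9 "$pid"; wait "$pid" 2>/dev/null || true
    echo "$stopped $resumed"
}

# Send signal number $1 to a sleeper and print the status `wait` reports.
# A process killed by signal N is reported as 128 + N.
status_after_signal() {
    sleep 300 >/dev/null &
    pid=$!
    kill "-$1" "$pid"
    rc=0
    wait "$pid" || rc=$?
    echo "$rc"
}

# Not shown: kill -2. In a script (no job control) background commands start
# with SIGINT ignored, so kill -2 only behaves as in the video in an
# interactive shell.
echo "state after -19, then -18: $(stop_and_continue)"
echo "wait status after -15 (the default): $(status_after_signal 15)"
echo "wait status after -9: $(status_after_signal 9)"
```
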