KILL Linux processes!! (also manage them) // Linux for Hackers // EP 7


Video Notes:

Access your FREE Linux lab here: https://bit.ly/3FJOXnN (HTB Academy)

Welcome to episode 7 of the Linux for Hackers series. In this episode, NetworkChuck takes you on a journey of how to manage processes in Linux. He covers everything from how to find processes, put them in the foreground and background, and even how to KILL processes!!

Check out HTB:
-HTB: https://bit.ly/3dZ31NF
-HTB Academy: https://bit.ly/3q80iqC

🔥🔥Join the NetworkChuck membership: https://ntck.co/Premium

Sponsored by Hack The Box

0:00 ⏩ Intro
1:49 ⏩ Access your FREE Linux Lab
2:23 ⏩ recap: What is a Linux Process?
2:54 ⏩ the PS command (diving deeper)
4:40 ⏩ how to KILL a Linux Process
5:40 ⏩ find a process id by name (pgrep)
6:28 ⏩ ps….let’s talk more about it
8:00 ⏩ how to monitor Linux processes (top and htop)
9:01 ⏩ background and foreground processes
15:02 ⏩ the KILL command (deep dive)

Okay, here we go. This one’s gonna be quick. So get your coffee ready. Today we’re gonna learn how to manage our processes, processes in Linux. And by the way, I’m drinking tea, not coffee right now. What’s wrong with me? Why? I can’t. This isn’t right. I’m not doing this. I’ll be right back. Get this tea crap outta here. Ah, okay. Now we can star
Hello and welcome to episode seven of my Linux for Hackers, and everyone, ’cuz everyone needs to learn Linux, series. Today we’re learning one of those skills that you just, just have to know when you’re messing with Linux, and that’s how to deal with and manage those pesky processes. Processes. I can never say that right. Now, if you’re a Windows user, you deal with this kind of crap all the time, right? They’ll do control, delete, open up your Task Manager, and if something’s acting up, go in here and just stop that sucker, end that task. I’m gonna show you how to do that and more in Linux, and of course it’s all through the command line, so it’s much more sexy anyways. Don’t you agree? We’re going fast. But first, dude, the reason I love this series so much is because you get access to a free Linux lab right now, completely free, in your browser.
And we’re able to do this because of the sponsor of this entire series, Hack The Box Academy. So seriously, check the link below and launch that free lab, so you can follow along as we go through stuff in Linux. And also, what is Hack The Box Academy? Well, if you want to become a hacker, or you have a passing curiosity in what the junk hacking is, that’s the place to start, man. They give you everything you need, all the foundational knowledge to step forward and learn how to become a hacker. So if you’re starting at zero and you’re like, I don’t know what to do, they’ll tell you what to do. So yes, use their lab right now for free as we go through Linux, and also don’t be afraid to play around and go to other stuff. It’s awesome. But anyways, no time to waste.
Let’s launch our free lab right now. So get your stuff logged into Hack The Box Academy. I’ll again have a link below. Once you’re logged in, we’re gonna jump into our Linux Fundamentals course, and on the right column here, we’re gonna jump into Service and Process Management right here, and then here comes the fun part. We’re gonna scroll down just a little bit right here until we see “my workstation” to access that lab. We’re gonna click on start instance. That’s gonna start up super fast, and there it is, our little bitty Linux box. So you have to really squint to be able to access everything. No, I’m just kidding. Just click on, um, interact. It’ll open up the massive browser window for you. Yeah. Look at us. Look at us here. So like I said before, we’re talking about Linux processes, processes, and if you’re wondering, uh, what the junk is a Linux process, jump back to the previous video.
The previous episode, episode six, we talk about it. Basically, every time you launch an application or do really anything on Linux, boom, a process has started. So for example, I just launched Firefox, ready to go. There he is. This is a Linux process. And by the way, right now, go ahead and do that yourself. Launch Firefox, click on that guy. Just have him sitting there looking all pretty. And at the same time we’re gonna launch our Linux terminal. Our favorite place to be. Woo. There’s my guy right there. So we’ll launch that guy real quick, and right here with one command, ps, we can see some of our running processes. Well, hold on, wait, we don’t see Firefox right there. I’ll explain why here in a moment. But if we do this command, ps dash u for user, and then we’ll take our user account right here.
Copy that and paste it. And then we do a pipe and grep for Firefox. There it is. Whoo, okay. Time for a coffee break on that one. And if you’re wondering what the junk just happened, don’t worry. We’re gonna walk through all that. I just wanted to scare you for a second. Okay. So the ps command, that’s the main command we learned last time for looking at our running processes here. Pro... I can never say processes, it’s gonna drive me crazy. It’s how we see our processes, our processes. It’s how we see that stuff here on Linux. But also notice we had to do some fancy stuff with it to be able to see that we opened up Firefox. I’ll explain that here in a moment, but let’s go back to that first time we ran ps. In fact, I’ll just do it again real quick.
ps, all that’s doing right now is telling me what’s running right here in my terminal, the one I just launched. And what’s running right now? Well, it’s our bash shell, and it’s our ps command, which is kind of funny. So with the ps command, you have to be very specific about what you want to see. Otherwise he’ll be like, okay, well, we’re right here in the terminal, that’s what’s running. You gotta tell him, hey, I wanna see all the processes running for maybe a certain user account. And that’s what we did. We said, ps, hey, by the way, buddy, I wanna see all the processes running for my user account. So dash u, and then that’s our user account right there. Now, if we run just that, it’s gonna show us some stuff. Let’s try it out. We got a few things going on now.
Not crazy. We can easily scroll through it, but who wants to do that? So we’ll do a pipe and we’ll grep, which, grep is just Linux-speak for finding stuff, filtering stuff. We’ll grep... actually, what does that stand for? Oh, global regular expression print. I hate regular expressions. I’ll probably make a video about that soon though. Anyways. And we’ll grep off of a term like Firefox. Bam. There it is. Now real quick, I wanna jump to what might be the most important point of this video, or the most important thing, arguably, and that’s how do you kill a process that is being a jerk. He’s just stalled up. He’s not working. Let’s say, for example, Firefox. We’re chugging along, Googling stuff, and all of a sudden he just freezes and he doesn’t go away. How do you stop him? We must stop him.
How do we do that? We kill him with the kill command. No joke. That’s the command. The easiest command to remember in Linux: if you want to get rid of something, you kill it. So I wanna kill Firefox. Now, I wanna type in kill, but I can’t just type in Firefox. The kill command needs a process or job ID. And we actually have that. So when we ran that command earlier, ps dash u, our username, and then grepped for Firefox, it told us what it was right there. There’s the process ID. But stop, hold on a second. We’re not gonna kill it just yet. There’s an easier way to do this. And I’ve mentioned this a million times before in this series: there’s about 15,000 different ways to do one thing in Linux. So pick your favorite, but here’s a really easy way to quickly find a process by name.
You’ll love it. Trust me, watch this. So instead of using the ps command, there’s a command called pgrep, which is basically just the ps command with the grep command combined into one command, which is kind of cool. So pgrep, and we’ll just type in the name Firefox. pgrep Firefox, and this will return one thing for us, his process ID. Perfect. That’s what we need. So now, now we can kill him. Let’s do it. So I’m, I’m gonna scoot this over a little bit so I can see Firefox die. I’m gonna do kill, that process ID, 2, 3, 7, 6. Goodbye, Firefox. And he’s gone. You know, we’re gonna talk about exactly what happened there and, and kind of pop the hood a bit and see it, ’cuz it’s pretty cool. And we can do different things, but that was cool, right? That was fun. That was satisfying.
Now we’re gonna take a step back. We’re gonna stop killing things just for a moment, but we’ll get back to it. Don’t worry. I’m gonna clear my, my terminal here. And I wanna get back to focusing on the ps command, ’cuz it’s a big command. You can do a lot with it. First, like my previous video where I talked about getting help, you can do ps dash help. Now, it didn’t give us help just yet. It just gave us help with the help, because it’s such a big, um, thing. It’s like, hey, do you want a simple output of the help? Or you want like a list? Or like, how do you want this? So we’re gonna do simple. So we’ll do ps dash help and we’ll type in simple. Just get a simple rundown of how to do it. And there we go.
That’s nice. Now, normally when you’re using ps, you end up using a couple switches all the time. The three I always use are a, u and x. So I’ll do ps dash aux, a being all users, x, which means processes that were not executed by this terminal. So just all, all the stuff. And then u, which does not show up here, it’ll simply list the user that that process belongs to. You would’ve seen this command in the last video as well. So ps dash aux, and it gives you a ton of output. Expand this a bit. The first gajillion of the processes are all owned by root. You can see their username right here, the process ID. And as you scroll down a bit, we’ll start to see other users. And again, the most common way I use this is by doing ps aux and then doing grep for whatever program I’m looking for.
So if I do Firefox, he’s still alive. That’s okay. We’ll kill him for good here in a bit. It’s like Jason. And I normally do that because not all systems will have pgrep installed. Now, before we go deeper into processes and how to kill them and all the different kill switches we can use... yeah, does that not sound fun, right? I told you. Uh, let me show you two commands that are pretty fun here, and how to monitor the processes on Linux. The first command is simply top. New command time: top. That’s it. Really fun. Watch this, just hit enter. Ooh, that’s fun. Look at that. What this is doing here is showing you the running processes. Processes. There we go. And it’s sorting them by their CPU usage. So we got a process ID right here, the user running the sucker, we got CPU, memory.
And if you’re wondering what this process is that’s taking up all of our stuff, it’s, um, VNC. It’s how we’re accessing this box in a browser, so it’s taking up the most stuff. So from here, go ahead and hit q, that’s gonna get you outta there. And an even better one is htop. Let’s try it out. This one’s pretty, trust me. Woo. So it’s essentially doing the same thing as the other one, but it just looks cooler, right? Like, I wanna leave this up all day. It’s just awesome. So it’s just a fun way to monitor what’s going on with your Linux box. Anyways, let’s move on. Hit q to get outta there. Let’s clear our screens, ’cuz we’re about to do some more stuff, in perfect time for just a little, little coffee break. So right now we’re gonna stay in terminal land.
We’re gonna stay right here in our shell. I wanna talk about two things. Two types of processes. I said it right that time and it was easy. Okay, I’m getting better. We have our foreground processes and we have our background processes. Every time I say it now, I feel like I’m saying a foreign language. It is very strange. Let’s do a foreground process real quick just to connect the dots here. So right now, go ahead and type in ping, which is the utility network engineers and pretty much anyone in IT uses to make sure things are up. It says, hey, are you there? And they reply, yes, I’m here, I’m awake. That’s what ping is. So we’re gonna do ping. We’ll do a dash c, which stands for count, and we’re gonna send 100 “hey, how you doing?” And then I’ll specify the server
I’m going to ping. So let’s go ahead and do networkchuck.com, my website. Hit enter and it’s going to send a ping. And right now we’re getting replies back saying, yes, I’m awake, yes, I’m awake. And it’s gonna do that 100 times. This is an example of a foreground process, ’cuz it’s right here in front of us. We can’t really do anything with the terminal. It’s interrupting it. We either have to wait for it to finish or stop it. So right now, go ahead and do control C, which is a version of kill. I’ll explain it here in a bit. That’s a foreground process. Another popular one you might see as you’re learning this would be sleep. Type in sleep, and then, like, let’s just do 30. That’s gonna sleep for 30 seconds. Right now, go to sleep and just wait. And while it’s waiting, we can’t do anything.
It’s just stuck. If we do control C to kill it, um, it’s stopped. So that’s a foreground process. Now, what’s really cool is we can take these foreground processes, like a ping job (that feels weird saying that), we can take a ping and we can actually put that sucker in the background. Let’s try it out. So let’s go ahead and do our thing here. We’ll do ping dash c. We’ll do one thousand, ’cuz that doesn’t really matter. And we’ll do networkchuck.com again and start that bad boy. Hit enter. So it’s gonna go, whatever. Now, while it’s going, do this: do control Z on your keyboard. What just happened? Now, in case you didn’t hear the emphasis, I said control Z, not C. Z, Z. It’s the sleeper hold, man. We put him to sleep. We knocked him out. We can see right here, he has been stopped.
We can get a list of our current running jobs, or the jobs we put to sleep, by typing in jobs. And this will show us our jobs table. There it is right there. There’s our ping that we had going. We put him to sleep with control Z. Bam, knocked him out, and now he’s just kind of chilling. Now real quick, just so you know, he’s still a foreground process. Again, he’s just asleep. What do you say we change him to a background process? And it’s actually very, very simple. So notice one thing right here, the one. The one is kind of his label, like what job number is he. Remember that. Our command to make him a background process and continue what he’s doing will simply be bg, for background. Now, if we ran just bg without anything else, it’ll just run the only job we have there. That’s fine.
If we had more than one job, we’d have to specify the job ID. We can go ahead and do that just by doing one. Now, what do you think is gonna happen when I run this? Let’s try it out. Hit enter. He starts running again. Now, it seems like he’s still running as a foreground process. Kind of feels the same, but try this. Try to stop it. Try to do control C. Nope. He doesn’t stop. He doesn’t stop. He just keeps going. If I type in jobs, it says he’s running. He’s good, but you can’t stop this. Try to do control Z. I mean, nothing’s stopping him. He’s now a background process and we can’t interact with him. Now, we don’t wanna let this run forever. It’s kind of annoying. We got stuff to do. So let’s turn him back into a foreground process.
Now, going with the same pattern we’ve already gone with, what do you think the command is? If you guessed fg, you’re a genius, man. So type in, and it’s gonna be kind of hard to see it, but trust me, it’s gonna happen, type in fg, do a space, and do one, and boom. So now he’s back to being a foreground process, and if we do control C, he stops. So that’s kind of cool. So we took our ping command. We put him to sleep with control Z, did bg to put him in the background. Now he’s running in the background. We can’t touch him. Then we did fg to bring him back into the foreground. Go and try it a few times yourself, just play around with it. It’s fun. It’s not gonna hurt anybody. It’s good practice. Now real quick, just for fun, I’m gonna start a bunch of stuff and just put ’em all to sleep.
So I’ll do like a ping dash c 1000, 10,000, however many, networkchuck.com. Then I’ll do control Z to put him to sleep. I’ll do sleep, an actual sleep. I’ll do sleep 60. That’s currently running in the foreground. I’ll put him to sleep. I’ll put sleep to sleep. Kind of weird, right? I type in jobs. I can see they’re both stopped. There’s ping. There’s sleep. Sleep was put to sleep. That’s like Inception, isn’t it? Leonardo DiCaprio. And let’s just do one more. I’ll do ping dash c 100 google.com. Get that going, put him to sleep. Now if we type in jobs, we got three jobs in there that are stopped. Now real quick, I want you to go ahead and start job number three and put him in the background. Go. Now, to do that, it’s pretty simple. bg three. Google’s now doing stuff.
Can’t stop him. He’s just gonna do it. But if I bring him back to the foreground by doing fg three and then control C, he’s done. Now if I type in jobs, he’s gone, ’cuz we, we, we killed him. That’s kind of cool, right? Going from foreground to background, background to foreground, it’s definitely gonna be handy as you go further into hacking and Linux. Now, if you wanna put a process straight to the background, don’t wanna mess with that foreground business, there’s a really simple way to do that. So let’s say I do ping dash c once more, 300, hackthebox.eu. To make this guy go straight to the background, I’m gonna do an ampersand right after. Go. And he’s a background process. If I try to stop him, can’t. That guy, he’s background. I’ll bring him to the foreground. Actually, let’s type in jobs to see what his number is.
He’s number three. I’ll do fg three and then stop him. He’s gone. And by the way, processes can have a number of statuses. Um, if we take a look at Hack The Box, it gives the main ones: running, which is a good thing, waiting, stopped, and then, ooh, zombies. Anyways, there’s more than that. And we can actually see that by doing a, um... oh, what happened? Let me do my ping once more. I’ll do ping dash c one networkchuck.com. I’ll control Z that, put him to sleep, which is actually stopping him. Um, if I do ps dash ax, there he is right there. ping dash c, blah, blah. And then there’s his status, which is T, which stands for stopped. It actually stands for traced, but it means stopped. Now let’s get back to killing things. Let’s talk about that.
There are some things you gotta know about the kill command. Whenever we use the kill command to kill a process, it’s actually sending a kill signal, and there are different signals we can send. For example, when we just by default say kill... let me show you the list. If I type in kill (it’s just a weird thing to type in) and do a dash l, it will list all the possible signals we can send. If you’re like, whoa, that’s overwhelming, there’s only a few things we gotta care about though. One is over here, 15, SIGTERM. This is the default kill signal that is sent when you don’t specify a signal. And what this actually does is it’s more like a, um, a suggestion: please die, process, but please do it at your leisure, whenever you want. And if you don’t want to, then that’s fine too.
So it’s like a soft kill. It’s like, I’m gonna shoot, but... I don’t know. I don’t know a good analogy for that, but essentially you ask a process nicely, please die, and he can refuse. So if you ever use the kill command and you don’t actually specify a kill signal, it may not kill that process, especially if he’s going a little crazy. Now, a couple of the kill commands, and this is what’s really cool. Um, I bet you didn’t know that when we’re pressing control Z and control C, we’re actually doing kind of a shortcut for the kill command. It’s just specifying a different signal. So for example, when we’re using the control Z command (I’ll write it down, ’cause I know it sounds similar), control Z, we’re actually using kill signal 19. We’re using SIGSTOP. And then if we do control Z again, the second time we’re using 18, SIGCONT. It’s kind of cool.
Right? And then for control C, we’re doing number two, SIGINT. Like, hey, hey, I don’t mean to interrupt, but I do, stop it. So that’s kind of cool too, right? Knowing that we’re actually using a kill command when we’re doing control C and control Z. And we’ll demonstrate these here in a bit, but first I wanna show you the real kill command, the command that will kill no matter what. It’s not asking, it’s not suggesting, it’s saying you will die. It’s forcibly terminating a process. And that is this guy right here. Signal number nine, SIGKILL, which I, I feel like there’s gotta be a t-shirt for that or something. It’s so... I don’t know. It just sounds cool. When you do kill dash nine, using that kill signal, there are no other options but to just die. So what do you say we try it out?
So let’s, um, let’s start some processes and just keep it simple. I’m gonna do the sleep command, that way a ping isn’t getting in the way of our terminal. So I’ll do sleep 900 and I’ll put him right into the background. So I’ll do an ampersand right after him. I type in jobs. There he is, just chilling. And I forgot I had my networkchuck ping still in there. And what I wanna do real quick is I wanna simulate a control Z on this guy, which will stop him. So I’ll do kill... actually, first I gotta figure out what his process ID is. So actually, you know, I’m gonna have you pause the video and try to figure out the process ID and try to kill him with the control Z signal. Try it out. Anyways, here’s how we’ll do it real quick.
I’m just gonna type in ps right here in our terminal. And there he is. There’s Mr. Sleep. Dr. Sleep, 2 1 3 74. So I’m gonna do kill, and the kill signal is dash 19, and I’ll specify the ID T T 1 3 2 1 3 7 4. Bam. I stopped sleep. I type in jobs. There he is. So it’s essentially the same thing as doing control Z. It’s kind of cool. Now I’m gonna start another sleep process. I’ll do sleep 700, do an ampersand and put him straight to the background. Type in jobs. There he is. I’ll do a ps to see what his process ID is. And I know it’s this one, ’cuz it gave it to me up here, but I went ahead and did this. So there it is. I do a kill, and this time I wanna do a control C, so I’ll do a kill dash two and then his process ID, 2 18, 8, 7. Interrupted. Interrupted his sleep.
Anyways, I do jobs. He’s gone, ’cause I interrupted. Now let’s fire up our killer instinct. Let’s use the ultimate kill command. Let’s go ahead and kill these two processes I have in there. They’re both stopped. They’re both in the background, but I wanna kill ’em. Actually, no, I think, uh, ping is still in the foreground. Anyways, here we go. kill dash nine. Oh, I need the process IDs. They were up here. I’ll do the ping one first, 180 5, 1 7. Killed. One off. It says that, just killed. It’s been killed. Sniped. Let’s do, uh, let’s do the other sleep. 2, 1, 3 74. Killed. I got a kill streak going here. I type in jobs. They’re gone. Now I wanna show you one more fun thing. Again, there’s a thousand ways to do anything in Linux, but what I wanna do real quick is start a couple processes.
I’ll do a bunch of pings. I’ll put them all in the background. So right now I’ve got a bunch of pings running in the background. Let’s say I wanna kill all of them, all at the same time. How do we do that? If you already know how to do that, try it out real quick. Let me show you now though. So I’m gonna open up another terminal. Now, just like the ps command had the pgrep command, the kill command has the pkill command, which is so cool. Check it out. So instead of kill, I’m gonna type in pkill, and what’s cool about this is I don’t have to specify a process ID. I can simply say a name. So I’ll do pkill. I’ll do dash nine, ’cause I wanna, I want to kill ’em, and, uh, then I’ll just say, I’ll just say ping. I wanna kill all the pings.
Let’s see what happens. Did you, did you... look, they all stopped. They’re done. I type it. Oh yeah. Look, they’re, they all are killed. Triple kill. That’s cool, right? Anyways. That’s enough killing for today. Um, that’s how we manage our processes in Linux, both, uh, dealing with annoying processes that lock up and you want to get rid of ’em. You got a couple options for that. You can gracefully shut them down, ask ’em nicely, or just take ’em out. We could also take our processes and, and put them in the foreground, background, back and forth, which definitely will come in handy as you progress in your hacking skills. And we also saw how to find processes. I said it perfect that time. We saw how to find them, search for them, saw some cool ways to monitor our Linux system with top and htop. Man.
Cool stuff. Anyways. That’s all I have today, guys. Again, huge shout out to the sponsor of this entire series, Hack The Box Academy. Don’t forget to check them out. You should have already checked them out, using the lab they’ve provided for us for free. Yeah, check ’em out. And also, hey, have you hacked the YouTube algorithm today? If you haven’t, make sure you do. Hit that subscribe button, comment, um, the like button. I’m forgetting them now. Oh, the notification bell. You gotta hack YouTube today. Ethically, of course. And also, if you are curious about how to learn bug bounty, which is a really cool sector of hacking where you get to hack companies legally, I’ve got a course that I partnered with NahamSec on, below. Check it out. Anyways, that was episode seven. I’ll see you in episode eight.
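
Added example (not from the video or from NetworkChuck): a script that sends the signals covered in the transcript to throwaway child processes and reports what each one does, including a child that ignores the default SIGTERM. It assumes Linux with /proc, or a ps that accepts -o stat=; the function names are made up for this illustration.

```bash
#!/usr/bin/env bash
# Added illustration: observe the effect of STOP, CONT, TERM and KILL on
# disposable children. Signal names are used instead of numbers because
# the numbers differ between CPU architectures.

# Print the one-letter state of a PID (R, S, T, Z, ...); empty if it is gone.
proc_state() {
    if [ -r "/proc/$1/status" ]; then
        awk '/^State:/ { print $2 }' "/proc/$1/status" 2>/dev/null
    else
        ps -o stat= -p "$1" 2>/dev/null | tr -d ' ' | cut -c1
    fi
}

# Poll for up to ~3 seconds until PID $1 reaches state $2.
wait_for_state() {
    tries=0
    while [ "$tries" -lt 30 ]; do
        if [ "$(proc_state "$1")" = "$2" ]; then return 0; fi
        sleep 0.1
        tries=$((tries + 1))
    done
    return 1
}

# SIGSTOP (kill -19 on x86 Linux) freezes the process: state T.
# SIGCONT (kill -18) lets it run again: sleep returns to state S.
stop_cont_states() {
    sleep 300 >/dev/null 2>&1 &
    sc_pid=$!
    kill -STOP "$sc_pid"
    wait_for_state "$sc_pid" T || true
    sc_stopped=$(proc_state "$sc_pid")
    kill -CONT "$sc_pid"
    wait_for_state "$sc_pid" S || true
    sc_resumed=$(proc_state "$sc_pid")
    kill -KILL "$sc_pid" 2>/dev/null || true   # clean up the test child
    wait "$sc_pid" 2>/dev/null || true
    echo "$sc_stopped $sc_resumed"
}

# SIGTERM (kill -15, the default) is a request the process may ignore;
# SIGKILL (kill -9) cannot be caught or ignored.
term_vs_kill() {
    tk_flag=$(mktemp)
    # Child ignores TERM, then writes to the flag file to say it is ready.
    sh -c 'trap "" TERM; echo ready > "$1"; while :; do sleep 1; done' \
        sh "$tk_flag" >/dev/null 2>&1 &
    tk_pid=$!
    tk_tries=0
    while [ ! -s "$tk_flag" ] && [ "$tk_tries" -lt 50 ]; do
        sleep 0.1
        tk_tries=$((tk_tries + 1))
    done
    kill -TERM "$tk_pid"
    sleep 0.5
    if kill -0 "$tk_pid" 2>/dev/null; then tk_term=alive; else tk_term=gone; fi
    kill -KILL "$tk_pid" 2>/dev/null || true
    wait "$tk_pid" 2>/dev/null || true
    if kill -0 "$tk_pid" 2>/dev/null; then tk_kill=alive; else tk_kill=gone; fi
    rm -f "$tk_flag"
    echo "$tk_term $tk_kill"
}

echo "state after STOP, then after CONT: $(stop_cont_states)"
echo "after TERM, then after KILL:       $(term_vs_kill)"
```

When a process survives a plain kill, checking its state this way shows whether it is stopped, ignoring the request, or already a zombie waiting on its parent, before reaching for kill -9.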
