    Date: 27.11.2023
    linuxbasicsforhackers

    USER       The user who invoked the process
    PID        The process ID
    %CPU       The percent of CPU this process is using
    %MEM       The percent of memory this process is using
    COMMAND    The name of the command that started the process
    In general, to perform any action on a process, we must specify its PID. 
    Let’s see how to use this identifier to our advantage.
    Filtering by Process Name
    When we inquire about or perform an action on processes, we usually don’t 
    want all of the processes displayed on the screen. It’s simply a problem of 
    too much information. Most often, we want to find information on a single 
    process. To do so, we can use the filtering command grep, which I 
    introduced in Chapter 1.
    To demonstrate, we’ll use the Metasploit exploitation framework, the 
    most widely used exploitation framework and nearly every hacker’s good 
    friend. This comes installed on your Kali system, so start Metasploit with 
    the following:
    kali >msfconsole
    Once the exploitation framework has been started, let’s see whether 
    we can find it in the list of processes. Metasploit has now taken over this 
    terminal, so open another terminal. Now, use the ps aux command and 
    then pipe it (|) to grep looking for the string msfconsole, as in 
    Listing 6-2.
    kali >ps aux | grep msfconsole
    1:36 ruby /usr/bin/msfconsole
    root 39892 0.0 0.0 4304 940 pts/2 S+ 15:18 0:00 grep msfconsole
    Listing 6-2: Filtering a ps search to find a particular process
    From the filtered output in this listing, you should see all the processes 
    that match the term msfconsole. Here, you see the msfconsole program itself 
    from /usr/bin/msfconsole, and then you should see the grep command you 
    used to look for msfconsole. Notice that the output did not include the 
    column header list from ps. Since the keyword, msfconsole, is not in the 
    header, it is not displayed. Even so, the results are displayed in the 
    same format.
    From this, you can learn some important information. If, for example, 
    you need to know how many resources Metasploit is using, you can consult 
    the third column (the CPU column), to see that it’s using 35.1 percent of 
    your CPU, and consult the fourth column to see that it’s using 15.2 percent 
    of your system memory. That’s quite a bit. It’s a demanding beast!
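
An added example (not from the book): the same filter written as a small shell function that keeps the ps header row and drops the grep process that matched itself, run here against constructed ps aux-style sample lines. The function names filter_ps and proc_usage and the sample rows are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: filter `ps aux`-style output by process name while keeping
# the header row and dropping the search tool that matched its own arguments.

# Constructed sample in `ps aux` column layout (not output from the page).
sample_ps() {
cat <<'EOF'
USER       PID %CPU %MEM    VSZ    RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.1 166000  11000 ?        Ss   14:02   0:01 /sbin/init
root      4101 12.5  9.8 900000 200000 pts/1    Sl+  15:10   0:42 ruby /usr/bin/msfconsole
root      4177  0.0  0.0   4304    940 pts/2    S+   15:18   0:00 grep msfconsole
EOF
}

# filter_ps NAME: read ps aux text on stdin; print the header plus every row
# whose COMMAND (field 11 onward) contains NAME.
filter_ps() {
  awk -v name="$1" '
    NR == 1 { print; next }                 # always keep the column header
    {
      cmd = $11
      for (i = 12; i <= NF; i++) cmd = cmd " " $i
      base = $11; sub(/.*\//, "", base)     # executable name without its path
      # Skip grep/awk rows that only match because NAME is in their arguments,
      # unless the caller is actually searching for grep or awk.
      if ((base == "grep" || base == "awk") && name != base) next
      if (index(cmd, name) > 0) print
    }'
}

# proc_usage NAME: print "PID %CPU %MEM" for each matching process.
proc_usage() {
  filter_ps "$1" | awk 'NR > 1 { print $2, $3, $4 }'
}

# Run against the constructed sample.
# On a live system: ps aux | filter_ps msfconsole
sample_ps | filter_ps msfconsole
sample_ps | proc_usage msfconsole
```
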