Navigation & Reconnaissance

Map the terrain. Every hacker's first move is knowing where they are and what's around them.

Know Your Territory

When you gain access to a new system, your first task is reconnaissance - understanding the file system layout, finding interesting files, and mapping what's available. This isn't just about typing commands; it's about developing a mental model of the system.

The Linux file system is a tree structure starting from / (root). Everything - devices, processes, configurations - appears as files. Master navigation, and you control the system.

Essential Navigation Commands

Command	Purpose	Hacker Use
`cd [path]`	Change directory	Move to target locations
`ls -la`	List all files with details	Find hidden files, check permissions
`tree`	Visual directory structure	Quick recon of folder hierarchy
`find / -name "*.conf"`	Search for files	Locate config files, credentials
`locate filename`	Fast file search (database)	Quick discovery of known files
`cat / head / tail`	View file contents	Read configs, logs, scripts

hacker@target:~$ cd /etc
hacker@target:/etc$ ls -la | head -10
total 1284
drwxr-xr-x 142 root root   12288 Dec 25 10:00 .
drwxr-xr-x  23 root root    4096 Dec 20 08:00 ..
-rw-r--r--   1 root root    3028 Dec 15 14:22 adduser.conf
drwxr-xr-x   2 root root    4096 Dec 10 09:15 alternatives
drwxr-xr-x   8 root root    4096 Dec 20 08:00 apache2
-rw-r--r--   1 root root     367 Dec  1 12:00 hosts
-rw-r-----   1 root shadow  1423 Dec 18 16:30 shadow
-rw-r--r--   1 root root    2981 Dec 18 16:30 passwd

Critical Linux Directories

/etc - Configuration Central

System configs, user accounts (passwd/shadow), service settings. The first place to check.

/home - User Territory

User home directories. Check for .ssh keys, .bash_history, personal configs, documents.

/var/log - The Evidence Trail

System and application logs. Both a goldmine for forensics and a trail to cover.

/tmp - Temporary Treasures

World-writable, often contains cached data, session files, sometimes credentials.

/opt & /usr/local - Custom Software

Third-party applications often installed here. May have weaker security than system packages.

Reconnaissance Checklist

Check /etc/passwd - List all users, find service accounts
Look for .ssh directories - Private keys are golden tickets
Search for config files - find / -name "*.conf" 2>/dev/null
Check bash history - Previous commands reveal habits and secrets
Look for backup files - .bak, .old, .backup often contain originals
Examine cron jobs - Scheduled tasks may run with elevated privileges

LAB: Explore the File System

You've gained shell access to a target system. Your mission: explore the file system and find the interesting files. Use navigation commands to discover what's on this system.

recon-shell

Welcome to Reconnaissance Lab ================================ You have shell access. Explore the system. Current directory: /home/user Try: ls, cd, cat, pwd, find Objectives: 1. List the files in your home directory 2. Find the system log file 3. Discover the hidden config file

user@target:~$

RECON COMPLETE!

You've successfully navigated the file system and found the key files!

Skills demonstrated: directory navigation, file discovery, reading configs.

Ready to Test Your Skills?

Complete the quiz to prove your navigation abilities.

Take the Quiz → Back to Script House

Completing CLH-001 to CLH-003 earns: CLI Recruit