Vim Essentials
Edit files anywhere. No GUI required. The hacker's editor.
CLASSIFIED SCENARIO
You've compromised a server deep inside PHOENIX NEST enemy infrastructure. There's no graphical interface - only a terminal. You need to modify /etc/hosts to redirect their command & control server, edit SSH configs to maintain access, and plant a beacon script. Your only editor: vim. Master it or the mission fails.
Why Vim Matters
Vim is the universal editor found on nearly every Unix/Linux system:
- Everywhere - Pre-installed on almost all Linux systems
- No GUI needed - Works over SSH, in containers, in recovery mode
- Powerful - Complex editing with just keystrokes
- Speed - Faster than any GUI editor once mastered
- Stealth - No extra software to install on compromised systems
Why Operators Use Vim
- SSH sessions - Edit files on remote systems instantly
- Minimal footprint - No need to install additional tools
- System rescue - Available even in emergency single-user mode
- Config editing - Modify sudoers, ssh_config, cron, etc.
- Quick scripts - Write automation on target systems
Vim Modes - The Key Concept
Vim has different modes for different tasks. Understanding modes is the #1 thing to learn:
NORMAL MODE (Default)
Where you start. Navigate, delete, copy, paste. Keys are commands, not text.
Press Esc to return here from any mode.
INSERT MODE
Type text like a normal editor. Enter with i (insert), a (append), or o (new line).
Status bar shows -- INSERT --
COMMAND MODE
Enter commands with a colon. Press : to enter.
Examples: :w (save), :q (quit), :wq (save and quit)
Essential Vim Commands
Getting In and Out
# === OPENING FILES ===
$ vim /etc/hosts # Open file
$ vim +10 /etc/hosts # Open at line 10
$ vim /etc/hosts /etc/ssh/sshd_config # Open multiple files
# === SAVING AND QUITTING ===
:w # Save (write)
:q # Quit (fails if unsaved changes)
:wq # Save and quit
:q! # Quit WITHOUT saving (force)
:x # Same as :wq
ZZ # Save and quit (normal mode)
Navigation (Normal Mode)
# === MOVEMENT ===
h j k l # Left, Down, Up, Right
w # Jump to next word
b # Jump back a word
0 # Go to start of line
$ # Go to end of line
gg # Go to first line
G # Go to last line
:15 # Go to line 15
Editing (Normal Mode)
# === INSERT TEXT ===
i # Insert before cursor
a # Append after cursor
o # Open new line below
O # Open new line above
A # Append at end of line
# === DELETE ===
x # Delete character under cursor
dd # Delete entire line
dw # Delete word
d$ # Delete to end of line
# === COPY/PASTE ===
yy # Yank (copy) line
yw # Yank word
p # Paste after cursor
P # Paste before cursor
# === UNDO/REDO ===
u # Undo last change
Ctrl+r # Redo
Search & Replace
# === SEARCH ===
/pattern # Search forward
?pattern # Search backward
n # Next match
N # Previous match
# === REPLACE ===
:s/old/new/ # Replace first match on the current line
:s/old/new/g # Replace all matches on the current line
:%s/old/new/g # Replace all matches in the file
:%s/old/new/gc # Replace all in the file, confirming each one
Quick Reference
| Action | Command | Mode |
|---|---|---|
| Enter insert mode | i | Normal |
| Exit insert mode | Esc | Insert |
| Save file | :w | Command |
| Quit | :q | Command |
| Save and quit | :wq | Command |
| Quit without saving | :q! | Command |
| Delete line | dd | Normal |
| Copy line | yy | Normal |
| Paste | p | Normal |
| Undo | u | Normal |
Operational Editing
# === REDIRECT ENEMY C2 ===
$ vim /etc/hosts
# 1. Go to end of file
G
# 2. Open new line and enter insert mode
o
# 3. Type the redirect
127.0.0.1 c2.enemy.net
# 4. Exit insert mode
Esc
# 5. Save and quit
:wq
[REDIRECTED] Enemy C2 now points to localhost!
[EFFECT] Malware can't reach real C2 server
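To confirm an edit like the one above, or to spot a loopback override you did not make, this added example (not part of the original page) lists every hostname a hosts-format file pins to 127.0.0.0/8 or ::1, skipping the usual local names. The function names, the sample file and the hostname buildbox are constructed for illustration.

```shell
#!/bin/sh
# Added example: report hostnames that a hosts-format file pins to loopback.

# Constructed sample input, not taken from a real system.
sample_hosts() {
    cat <<'EOF'
127.0.0.1   localhost
127.0.1.1   buildbox
::1         ip6-localhost ip6-loopback
10.0.0.5    files.internal   # ordinary entry
127.0.0.1 c2.enemy.net
# 127.0.0.1 commented-out.example
EOF
}

# loopback_overrides FILE [LOCAL_HOSTNAME]
# Prints "line<TAB>address<TAB>hostname" for each non-local name mapped to
# 127.0.0.0/8 or ::1. LOCAL_HOSTNAME defaults to the output of hostname.
loopback_overrides() {
    self=${2:-$(hostname 2>/dev/null)}
    awk -v self="$(printf '%s' "$self" | tr 'A-Z' 'a-z')" '
    {
        sub(/#.*/, "")        # strip comments; awk re-splits the fields
        if (NF < 2) next      # blank line, or an address with no names
        addr = $1
        if (addr !~ /^127\./ && addr != "::1") next
        for (i = 2; i <= NF; i++) {
            name = tolower($i)
            # names that are expected to resolve to loopback
            if (name == "localhost" || name ~ /^localhost\./) continue
            if (name ~ /^ip6-(localhost|loopback)$/) continue
            if (name == self) continue
            printf "%d\t%s\t%s\n", NR, addr, name
        }
    }' "$1"
}

# Demo on the constructed sample: prints line 5, the c2.enemy.net entry.
tmp=$(mktemp)
sample_hosts > "$tmp"
loopback_overrides "$tmp" buildbox
rm -f "$tmp"
```

Run it against /etc/hosts with `loopback_overrides /etc/hosts`; comparing the output with a known-good copy shows which overrides are new.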