What are these Linux Commands doing?

python ../../tools/Loki/loki.py -p .

So what this says is:
1. Go up 2 directories
2. Navigate from that location to tools > then to Loki
3. Open loki.py

Also: What exactly does -p and . mean? I was trying the man python command, but it said "no manual entry for Python." (I'm probably going to look for a Linux command cheat sheet later.)

Original Message question/reply from @DirtyJ (thanks): https://discord.com/channels/543652415870730240/580312632171692032/1128474626872316025
DirtyJ 278d ago
-p will be one of Loki's arguments: https://github.com/Neo23x0/Loki
```
usage: loki.py [-h] [-p path] [-s kilobyte] [-l log-file] [-r remote-loghost]
               [-t remote-syslog-port] [-a alert-level] [-w warning-level]
               [-n notice-level] [--allhds] [--alldrives] [--printall]
               [--allreasons] [--noprocscan] [--nofilescan] [--vulnchecks]
               [--nolevcheck] [--scriptanalysis] [--rootkit] [--noindicator]
               [--dontwait] [--intense] [--csv] [--onlyrelevant] [--nolog]
               [--update] [--debug] [--maxworkingset MAXWORKINGSET]
               [--syslogtcp] [--logfolder log-folder] [--nopesieve]
               [--pesieveshellc] [--nolisten]
               [--excludeprocess EXCLUDEPROCESS] [--force]
```
. indicates the current directory (if you do ls -al you'll always see . and .. for current directory and one above):
DirtyJ 278d ago
So basically -p . in that context tells loki.py to use the current directory as the path to scan
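The path resolution described in the answer above, as an added example that is not part of the original thread. The lab tree, the `resolve_from` helper and the empty `loki.py` stand-in are all constructed for illustration; the point is that both `../../tools/Loki/loki.py` and `.` are resolved against the directory the shell is in, not against where the script lives.

```shell
#!/usr/bin/env bash
# Constructed lab tree (assumption, not taken from the thread):
#   $LAB/tools/Loki/loki.py   <- empty stand-in, NOT the real scanner
#   $LAB/samples/file2        <- the directory the command is typed in
LAB=$(mktemp -d)
mkdir -p "$LAB/tools/Loki" "$LAB/samples/file2"
: > "$LAB/tools/Loki/loki.py"

# resolve_from DIR PATH  (hypothetical helper)
# Print the absolute path that PATH refers to when the shell's
# working directory is DIR. Runs in a subshell so the caller's
# own working directory is left untouched.
resolve_from() {
    (
        cd "$1" || exit 1
        if [ -d "$2" ]; then
            # PATH names a directory: step into it and ask where we are.
            cd "$2" && pwd -P
        else
            # PATH names a file: resolve its parent, then re-attach the name.
            cd "$(dirname "$2")" && printf '%s/%s\n' "$(pwd -P)" "$(basename "$2")"
        fi
    )
}

CWD="$LAB/samples/file2"

# Which script does "python ../../tools/Loki/loki.py" actually run?
echo "script : $(resolve_from "$CWD" ../../tools/Loki/loki.py)"

# Which directory does "-p ." hand to the scanner?
echo "-p .   : $(resolve_from "$CWD" .)"

# Same argument typed from a different directory means a different scan scope.
echo "-p . from tools/Loki : $(resolve_from "$LAB/tools/Loki" .)"
```
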
Fox'Say! 278d ago
Thanks, that helps a lot. I found a guide. I'm still learning Linux and they touched on a few of the commands, but I don't think the course taught me how to use & string together all the commands you need to get the answers...which would explain why this was weirdly difficult. https://medium.com/@haircutfish/tryhackme-yara-room-d279ccb5cbb3#:~:text=Based%20on%20the%20output%2C%20what%20string%20within%20the%20Yara%20rule%20did%20it%20match%20on%3F
Fox'Say! 278d ago
Can I ask if, at a glance, you know what 1ndex.php is? Is that the same thing as the directory index, which I think all Linux directories have? If that's correct, I thought Yara calls went yara **<rulename>**.yar **<filename_being_scanned>**. yara 1ndex.php file2/file2.yar - call from inside file2 directory. Do I have the syntax backwards? And if I do, how does yara know where 1ndex.php is? Maybe it just runs by default in the current folder? https://medium.com/@haircutfish/tryhackme-yara-room-d279ccb5cbb3#:~:text=Answer%3A%20yara%201ndex.php%20file2/file2.yar
Wagon 278d ago
1ndex.php would be a PHP script of some kind. As far as your understanding of syntax, you are correct: **<rulename>**.yar **<filename_being_scanned>** is the format, meaning the command would be yara file2.yar file2/1ndex.php. For some reason, the answer is swapped to yara 1ndex.php file2/file2.yar; I am unsure why, though.
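A pre-flight check for the argument-order mix-up discussed above, as an added example that is not part of the original thread. It does not run yara; it classifies a pair of arguments by looking for a YARA rule declaration, which is a heuristic. The helper names, the rule and the PHP file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample files (assumption, not the room's real files).
WORK=$(mktemp -d)
mkdir -p "$WORK/file2"

# A minimal YARA rule file with a placeholder string.
cat > "$WORK/file2.yar" <<'EOF'
rule constructed_example
{
    strings:
        $s1 = "constructed-marker"
    condition:
        $s1
}
EOF

# A stand-in for the file being scanned.
printf '<?php echo "constructed-marker"; ?>\n' > "$WORK/file2/1ndex.php"

# looks_like_rules FILE  (hypothetical helper)
# Succeeds if FILE has a line that starts a rule declaration,
# optionally prefixed with "private" and/or "global".
# Directories and unreadable paths simply fail the check.
looks_like_rules() {
    grep -Eq '^[[:space:]]*((private|global)[[:space:]]+)*rule[[:space:]]+[A-Za-z_][A-Za-z0-9_]*' "$1" 2>/dev/null
}

# check_yara_order FIRST SECOND  (hypothetical helper)
# yara expects the rules file first and the scan target second.
# Prints: ok      - FIRST is rules, SECOND is not
#         swapped - SECOND is rules, FIRST is not
#         unclear - neither or both look like rules
check_yara_order() {
    if looks_like_rules "$1" && ! looks_like_rules "$2"; then
        echo ok
    elif looks_like_rules "$2" && ! looks_like_rules "$1"; then
        echo swapped
    else
        echo unclear
    fi
}

echo "rules then target : $(check_yara_order "$WORK/file2.yar" "$WORK/file2/1ndex.php")"
echo "target then rules : $(check_yara_order "$WORK/file2/1ndex.php" "$WORK/file2.yar")"
```
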
Fox'Say! 277d ago
Thank you, I spent so long trying to figure that out. It was just wrong 🙄