You dont have javascript enabled! Please enable it!

Day 3 OSCP | Kali Linux Services

Reading Time: ( Word Count: )

December 8, 2020

Here I am again with day 3 of my journey towards OSCP. Documenting everything each day isn’t convenient, but got to keep the promise to myself. Anyways, today I’ll cover the primary Kali Linux services, which we’ll be using most of the time later on while doing some real-world penetration tests.


Apache HTTP Service

Let’s start with the service we’ll often use during penetration tests, the “apache HTTP service“. That is mostly used as a platform for downloading files to the victim machine. With the apache HTTP service, we can host our web server locally without any hassle, but a single command. The “apache HTTP service” is TCP-based and listens by default on port 80.

First, let’s find out our private IPv4 address from the command line by running “ifconfig“, same as “ipconfig” in Windows. Let’s copy and paste it to the web browser, after redirecting to it make sure it says http:// and not https:// followed by your IPv4 address.

You should see a message saying “Unable to connect“, which means nothing is running now, let’s bring up our apache webserver with “sudo systemctl start apache2“.

By default, Kali doesn’t show output on the terminal. Now refresh the page on your web browser, and there you have a locally running web server. The alternative command is “sudo service apache2 start“. We can also specify a different port, but more on it later. 

  ┌──(kali㉿kali)-[~]      └─$ ifconfig eth0: flags=4163 mtu 1500 inet netmask broadcast ...
  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl start apache2 #refresh your page now
  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl stop apache2 #refresh your page again


We can also verify that the HTTP service is running and listening on TCP port 80 with the “ss” & “grep” commands, the older command being “netstat“, “ss” works much faster and shows more information. The default command shows which ports are open and what they’re connected to.

Let’s type “sudo ss -antlp | grep apache“. However, I still like using the “netstat” command because sometimes I find it more human-readable. We basically run the command and pipe the output using the ” ” symbol into grep to search the output for “apache“. More on grep and piping on Day 6.

Another useful command to check the status of the service is “service apache2 status“.


  ┌──(kali㉿kali)-[~]      └─$ sudo ss -antlp | grep apache LISTEN 0 511 *:80 *:* users:(("apache2",pid=63768,fd=4),
  ┌──(kali㉿kali)-[~]      └─$ sudo netstat -antlp | grep apache tcp6 0 0 :::80 :::* LISTEN 63762/apache2
  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl enable apache2 Synchronizing state of apache2.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable apache2 Created symlink /etc/systemd/system/ → /lib/systemd/system/apache2.service.
  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl disable apache2 Synchronizing state of apache2.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install disable apache2 Removed /etc/systemd/system/


Meaning of the -antlp option (you can make your own combinations):

-a listing all ports (both TCP and UDP)
-n shows the port number
-t enables listing of TCP ports
-l prints only listening sockets/ports
-tp displaying service name with their PID number, using option ss -tp will display “PID/Program Name.”
-u enables listing of UDP ports
-lx listing all active UNIX listening ports

If you want the service to start at boot, use the command “sudo systemctl enable apache2“, again, you won’t see an output. To stop replace enable with disable.



The Secure SHell

The Secure SHell (SSH) service is most commonly used to remotely access a computer, using a secure, encrypted protocol. The SSH service is TCP-based and listens by default on port 22, but can also be changed (more on it later on). Make sure to change the default password on your machine, before using the service to avoid someone else connecting to your machine with the default credentials.

To start the SSH service in Kali, we run sudo systemctl start ssh“, alternative “sudo service ssh start“. Again the command doesn’t return any output when it completes successfully. We need to verify using the “sudo ss -antlp | grep sshd” or “service ssh status” command. To run or stop the ssh service at startupsudo systemctl enable or disable ssh“.

  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl start ssh
  ┌──(kali㉿kali)-[~]      └─$ sudo ss -antlp | grep sshd LISTEN 0 128* users:(("sshd",pid=65357,fd=3)) LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=65357,fd=4))
  ┌──(kali㉿kali)-[~]      └─$ sudo netstat -antlp | grep sshd tcp 0 0* LISTEN 65357/sshd: /usr/sb tcp6 0 0 :::22 :::* LISTEN 65357/sshd: /usr/sb
  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl stop ssh
  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl enable ssh Synchronizing state of ssh.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable ssh Created symlink /etc/systemd/system/sshd.service → /lib/systemd/system/ssh.service. Created symlink /etc/systemd/system/ → /lib/systemd/system/ssh.service.
  ┌──(kali㉿kali)-[~]      └─$ sudo systemctl disable ssh Synchronizing state of ssh.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install disable ssh Removed /etc/systemd/system/sshd.service. Removed /etc/systemd/system/


Most services in Kali Linux are managed in much the same way as SSH and HTTP, through their service or init scripts.

To see a table of all available services, run “systemctl list-unit-files.
To see all running or disabled services run “service –status-all“.

You can view a list of different applications and port/protocol combination in /etc/services file in Linux using the “cat” command (covered in Day 1):

cat /etc/services


cat /etc/services | less



Below are the different categories of ports:

0-1023 – the Well Known Ports, also referred to as System Ports.
1024-49151 – the Registered Ports, also known as User Ports.
49152-65535 – the Dynamic Ports, also referred to as the Private Ports.

Common Ports and Protocols

 FTP (21)  DNS (53) DEFAULT
 SSH (22)  DHCP (67,68)
 Telnet (23)  TFTP (69)
 SMTP (25)  SNMP (161)
 HTTP (80) / HTTPS (443)
 POP3 (110)
 SMB (139 + 445)
 IMAP (143)


author bio

Author bio

Hi there, my name is Aydan, and I share exciting information about cyber security and ethical hacking, a.k.a pen-testing.

Other interesting articles

How to Secure a Youtube Channel?

How to Secure a Youtube Channel?

Youtube is an excellent platform for promoting your brand. People set up different channels with YouTube ...
How Secure is Snapchat?

How Secure is Snapchat?

It's necessary to recognise Snapchat's influence in the social media world. It's a service that has been around ...
Pig Butchering Scam; What is it and How to Avoid it?

Pig Butchering Scam; What is it and How to Avoid it?

Cybercriminals have no limitations, and this even includes stealing your cryptocurrency. The hackers use a variety ...
What is a Common Indicator of a Phishing Attempt?

What is a Common Indicator of a Phishing Attempt?

In the current state of cyberwar, everyone is a target. Trusting IT and security professionals to detect all ...

Submit a Comment

Your email address will not be published. Required fields are marked *

error: Alert: Content is protected !!