Now that we know that processes run, how can we go about finding processes? There must be some way to find a particular process… like if I want to find every process that has the letter a in the name. Or if I want to find every process that has a name like ‘insight’ because I’m sure Hydra is running something on my system and I want to know what it is. Or if I want to know every process that’s being run by a user with the name hydra.
You get the idea. I want to find processes!
To do this, we’re going to combine two commands. The first is ps, that useful command that lists the processes. The second is that useful command grep that we used to find things in files.
ps auxw shows you every single process that’s currently running on a system. On a system that’s very very busy, this can be a lot. There’s 65536 processes allowed at any time, so combing through those looking for hydra (or Hydra or hYdRa) would take too long. I’m lazy! I want the system to do it for me!
From this post we know that grep has an option where it ignores case. This means it can find hydra, Hydra, HYdra, HyDrA, or… I’m stopping that now. It means you can find any combination of the 5 letters hydra no matter what capitals you use.
Now that we have those two commands, we’re going to combine them. Remember this post on pipes? We can take the output from one command, ps and pipe it through to the other command, grep.
Alpha:~ computerlamp$ ps auwx | grep -i hydra
Nothing was found from that command. Hurray! No Hydra user on the system!
…unless they’re hiding themselves. Alexander Pierce didn’t have a username of Hydra. He was hiding and probably had a user name of apierce or alexander or alexander.pierce or even supersecretary. But not something we could actually look for in ps.
Remember ps a from this post? It showed what processes you were running in a single terminal. If you want to see every single process you were running, no matter what terminal, then this combination of ps and grep would work for you!
Alpha:~ computerlamp$ ps auwx | grep -i computerlamp
Finding processes is easy with that combination of ps and grep!