
process status (ps)

The command ps lists processes system-wide. This is one of your main tools to understand what software is running on the system. The main switches are:

  • -e to select all processes
  • -f to display full format listing (UID, PID, etc.)
  • -l to display in long format
┌──(kali㉿kali-1)-[~]
└─$ ps -elf
F S UID          PID    PPID  C PRI  NI ADDR SZ WCHAN  STIME TTY          TIME CMD
4 S root           1       0  0  80   0 - 41538 -      Apr07 ?        00:00:04 /sbin/init splash
1 S root           2       0  0  80   0 -     0 -      Apr07 ?        00:00:00 [kthreadd]
1 I root           3       2  0  60 -20 -     0 -      Apr07 ?        00:00:00 [rcu_gp]
1 I root           4       2  0  60 -20 -     0 -      Apr07 ?        00:00:00 [rcu_par_gp]
1 I root           6       2  0  60 -20 -     0 -      Apr07 ?        00:00:00 [kworker/0:0H-events_highpri]
1 I root           8       2  0  60 -20 -     0 -      Apr07 ?        00:00:00 [mm_percpu_wq]
1 S root           9       2  0  80   0 -     0 -      Apr07 ?        00:00:00 [rcu_tasks_rude_]
1 S root          10       2  0  80   0 -     0 -      Apr07 ?        00:00:00 [rcu_tasks_trace]

Finding your SSH process in this massive listing is not easy. Instead, replace the -e switch (all processes) with -C (select by command name):

┌──(kali㉿kali-1)-[~]
└─$ ps -fC sshd
UID          PID    PPID  C STIME TTY          TIME CMD
root         571       1  0 Apr07 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root      275568     571  0 14:53 ?        00:00:00 sshd: kali [priv]
root      275602     571  0 14:53 ?        00:00:00 sshd: kali [priv]
kali      275608  275568  0 14:53 ?        00:00:01 sshd: kali@pts/0
kali      275632  275602  0 14:53 ?        00:00:00 sshd: kali@notty

kill

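To stop one of those processes, use the kill command with the PID of the process. In the session below, killing PID 571 removes the listener from the listing, while the established sessions keep running and their [priv] processes are reparented to PID 1.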

┌──(kali㉿kali-1)-[~]
└─$ ps -fC sshd
UID          PID    PPID  C STIME TTY          TIME CMD
root         571       1  0 Apr07 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root      275568     571  0 14:53 ?        00:00:00 sshd: kali [priv]
root      275602     571  0 14:53 ?        00:00:00 sshd: kali [priv]
kali      275608  275568  0 14:53 ?        00:00:01 sshd: kali@pts/0
kali      275632  275602  0 14:53 ?        00:00:00 sshd: kali@notty

┌──(kali㉿kali-1)-[~]
└─$ sudo kill 571
[sudo] password for kali:

┌──(kali㉿kali-1)-[~]
└─$ ps -fC sshd
UID          PID    PPID  C STIME TTY          TIME CMD
root      275568       1  0 14:53 ?        00:00:00 sshd: kali [priv]
root      275602       1  0 14:53 ?        00:00:00 sshd: kali [priv]
kali      275608  275568  0 14:53 ?        00:00:01 sshd: kali@pts/0
kali      275632  275602  0 14:53 ?        00:00:00 sshd: kali@notty
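
The before/after listings above show that killing the sshd listener does not end sessions that are already established. As an added example (not part of the original post), the functions below read `ps -f` style output and report the listener PID and any `[priv]` session monitors now parented by PID 1. The function names and the `BEFORE`/`AFTER` variables are assumptions made for illustration, and the sample data is copied from the listings on this page.

```shell
#!/bin/sh
# Added example: classify sshd processes from `ps -f` output (UID PID PPID ...).
# Sample input copied from the listings on this page, embedded so it runs offline.
BEFORE='UID          PID    PPID  C STIME TTY          TIME CMD
root         571       1  0 Apr07 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root      275568     571  0 14:53 ?        00:00:00 sshd: kali [priv]
root      275602     571  0 14:53 ?        00:00:00 sshd: kali [priv]
kali      275608  275568  0 14:53 ?        00:00:01 sshd: kali@pts/0
kali      275632  275602  0 14:53 ?        00:00:00 sshd: kali@notty'

AFTER='UID          PID    PPID  C STIME TTY          TIME CMD
root      275568       1  0 14:53 ?        00:00:00 sshd: kali [priv]
root      275602       1  0 14:53 ?        00:00:00 sshd: kali [priv]
kali      275608  275568  0 14:53 ?        00:00:01 sshd: kali@pts/0
kali      275632  275602  0 14:53 ?        00:00:00 sshd: kali@notty'

# Print the PID of the sshd listener (the line tagged "[listener]"), if any.
sshd_listener_pid() {
    awk 'NR > 1 && /\[listener\]/ { print $2 }'
}

# Print PIDs of "[priv]" session monitors whose parent is PID 1, i.e. sessions
# that outlived the listener that accepted them.
# Assumption: orphans are reparented to PID 1, as in the listing on this page.
sshd_orphaned_sessions() {
    awk 'NR > 1 && $3 == 1 && /sshd: .*\[priv\]/ { print $2 }'
}

# Summarise one listing read from stdin.
sshd_report() {
    input=$(cat)
    listener=$(printf '%s\n' "$input" | sshd_listener_pid)
    echo "listener: ${listener:-none}"
    for pid in $(printf '%s\n' "$input" | sshd_orphaned_sessions); do
        echo "session without listener: PID $pid"
    done
}

# Offline demonstration on the embedded listings.
# On a live host the same report would be: ps -fC sshd | sshd_report
printf '%s\n' "$BEFORE" | sshd_report
printf '%s\n' "$AFTER" | sshd_report
```

Ending one of the reported sessions takes a further kill on that session's own PID, as the post does for the listener.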
