Welcome to my walkthrough of the second Linux Fundamentals room on TryHackMe! Let’s continue where we left of in part 1. The previous article van be found here.
Task 1 (Introduction)
Let’s get started. This room will introduce you to flags, arguments, advanced filesystem knowledge, and permissions!
Nothing more to do here but proceed to part 2!
Task 2 (Accessing Your Linux Machine Using SSH)
This task is very specific to TryHackMe. Therefore I recommend you to follow their guide very thoroughly at: https://tryhackme.com/room/linuxfundamentalspart2
I will be moving to task 3.
Task 3 (Introduction to flags and switches)
Most of the terminal commands allow for arguments to be given. These are given by writing a hyphen (‘-’) and a keyword, known as flags or switches).
When using a command, unless otherwise specified, it will perform its default behavior. For example, ls
lists the contents of the working directory. However, hidden files are not shown. We can use flags and switches to extend the behavior of commands.
However, after using the -a
argument (short for --all
), we now suddenly have an output with a few more files and folders such as “.hiddenfolder”. Files and folders with “.” are hidden files.
Commands that accept these will also have a--help
option. This option will list the possible options that the command accepts, provide a brief description and example of how to use it.
The manual pages are a great source of information for both system commands and applications available on both a Linux machine, which is accessible on the machine itself and online. To access this documentation, we can use the man
command and then provide the command we want to read the documentation for.
Questions
Explore the manual page of the ls command
Write man ls.
Answer: Done
What directional arrow key would we use to navigate down the manual page?
Answer: down
What flag would we use to display the output in a “human-readable” way?
Answer: -h
Task 4 (Filesystem Interaction Continued)
It’s time to learn some new commands. In this room we will focus on creating, moving and deleting files and folder. We will learn the following commands:
- touch — Creates a file
- mkdir — Creates a directory
- copy — Copies a file or folder
- mv — Moves a file or folder
- rm — Removes a file or folder
- type — Outputs the type of a file
Creating Files and Folders (touch, mkdir)
Creating files and folders on Linux is a simple process. First, we’ll cover creating a file. The touch command takes exactly one argument — the name we want to give the file we create. For example, we can create the file “note” by using touch note. It’s worth noting that touch simply creates a blank file.
This is a similar process for making a folder, which just involves using the mkdir command and again providing the name that we want to assign to the directory.
Removing Files and Folders
You can simply remove files by using rm. If you want to remove folders though, you need to add the –R switch alongside the name of the directory you wish to remove.
Copying and Moving Files and Folders
Copying and moving files is an important functionality on a Linux machine. Starting with cp, this command takes two arguments:
1. the name of the existing file
2. the name we wish to assign to the new file when copying
Moving a file takes two arguments, just like the cp command. However, rather than copying and/or creating a new file, mv will merge or modify the second file that we provide as an argument. Not only can you use mv
to move a file to a new folder, but you can also use mv to rename a file or folder.
Determining File Type
We use file to determine the file type of a file:
tryhackme@linux2:~$ file note
note: ASCII text
Questions
How would you create the file named “newnote”?
Answer: touch newnote
On the deployable machine, what is the file type of “unknown1” in “tryhackme’s” home directory?
Just write file unknown1.
Answer: ASCII text
How would we move the file “myfile” to the directory “myfolder”
Answer: mv myfile myfolder
What are the contents of this file?
Answer: THM{FILESYSTEM}
Continue to apply your knowledge and practice the commands from this task.
Answer: No answer needed
Task 5 (Permissions 101)
We can use the command ls -lh to list the permissions of all files in a folder.
tryhackme@linux2:~$ ls -lh
-rw-r--r-- 1 cmnatic cmnatic 0 Feb 19 10:37 file1
-rw-r--r-- 8 cmnatic cmnatic 0 Feb 19 10:37 file2
Although intimidating, these three columns are very important in determining certain characteristics of a file or folder and whether or not we have access to it. A file or folder can have a couple of characteristics that determine both what actions are allowed and what user or group has the ability to perform:
- Read
- Write
- Execute
It has the “-” indicator highlighting that it is a file and then “rw” followed after. This means that only the owner of the file can read and write to this file but cannot execute it.
These symbols appear in three sets, corrosponding to different groups. They are grouped based on their ownership level (examples from ls -lh above):
1. Owner (rw-) 2. Group (r—-) 3. Other (r—-)
Switching Between Users
Switching between users on a Linux install is easy using the su command. Unless you are the root user (or using root permissions through sudo), then you are required to know two things to facilitate this transition of user accounts:
- The user we wish to switch to
- The user’s password
The su command takes a couple of switches that may be useful. An important one is the -l or –login switch. By using this flag we start a shell that is much more similar to the actual user logging into the system – we inherit a lot more properties of the new user, i.e., environment variables and the likes.
Questions
On the deployable machine, who is the owner of “important”?
Answer: user2
What would the command be to switch to the user “user2”?
Answer: su user2
Now switch to this user “user2” using the password “user2”
Answer: No answer needed
Output the contents of “important”, what is the flag?
Make sure you change user to user 2 by writing su user2, followed by typing in the password (user2).
Answer: No answer needed
Task 6 (Common Directories)
Linux has a number of common directories that you should know about. These are the following:
/etc
This root directory is one of the most important root directories on your system. The etc folder (short for etcetera) is a commonplace location to store system files that are used by your operating system.
For example, the sudoers file contains a list of the users & groups that have permission to run sudo or a set of commands as the root user. Also important are the “passwd” and “shadow” files. These two files are special for Linux as they show how your system stores the passwords for each user in a hash formatting called sha512.
/var
The “/var” directory, with “var” being short for variable data, stores data that is frequently accessed or written by services or applications running on the system. For example, log files from running services and applications are written here (/var/log), or other data that is not necessarily associated with a specific user (i.e., databases and the like).
/root
There isn’t anything more to this folder other than just understanding that this is the home directory for the “root” user. You might assume that the root user would have their data in a directory such as “/home/root” by default, but this is not the case.
/tmp
This is a unique root directory found on a Linux install. Short for “temporary”, the /tmp directory is used to store data that is only needed to be accessed once or twice. Similar to the memory on your computer, once the computer is restarted, the contents of this folder are cleared out. What’s useful for us in pentesting is that any user can write to this folder by default. Meaning once we have access to a machine, it serves as a good place to store things like our enumeration scripts.
Questions
What is the directory path that would we expect logs to be stored in?
Answer: /var/log
What root directory is similar to how RAM on a computer works?
Answer: /tmp
Name the home directory of the root user
Answer: /root
Now apply your learning and navigate through these directories on the deployed Linux machine.
Answer: No answer needed
Task 7 (Conclusions and Summaries)
We are done! I hope you learned as much as I did by writing this summary. Thank you so much for reading!
Like my articles?
You are welcome to give my article a clap or two 🙂
I would be so grateful if you support me by buying me a cup of coffee:
I learned a lot through HackTheBox’s Academy. If you want to sign up, you can get extra cubes, and support me in the process, if you use the following link: