Jasper Alblas
TryHackMe: Linux Fundamentals Part 2 – Walkthrough
Welcome to my walkthrough of the TryHackMe: Linux Fundamentals Part 2 room on TryHackMe!
In this room we we learn more about SSH, Linux commands and how to interact with the file system.
Let’s continue where we left of in part 1. The previous article van be found here.
Room URL: https://tryhackme.com/room/linuxfundamentalspart2
I am making these walkthroughs to keep myself motivated to learn cyber security, and ensure that I remember the knowledge gained by THMs rooms. Join me on learning cyber security. I will try and explain concepts as I go, to differentiate myself from other walkthroughs.
Table of Contents
Task 1: Introduction
Welcome back to part 2 of the Linux Fundamentals series on TryHackMe.
Part 2 transitions from in-browser functionality to a key skill: logging into and controlling remote machine terminals. It covers:
- Using flags and arguments to unlock command potential.
- Exploring the filesystem for advanced commands like copying and moving files.
- Understanding file and folder access management and determining permissions.
Nothing more to do here but proceed.
Questions
Let’s proceed!
Answer: No answer needed
Task 2: Accessing Your Linux Machine Using SSH
This section introduces Secure Shell (SSH), the protocol for securely logging into and controlling remote Linux machines, transitioning from the in-browser approach used in Linux Fundamentals Part 1. Key points include:
What is SSH?
- SSH is a protocol that allows encrypted communication between devices.
- It enables remote command execution while encrypting data sent over the network for security.
Setup Overview:
- Deploy two machines: Your Linux machine (target) & TryHackMe AttackBox (client)
- The TryHackMe AttackBox is an online Ubuntu Linux machine accessed via a browser
Using SSH to Login:
- Syntax: ssh username@IP_address
- For this task:
Username: tryhackme, Password: tryhackme - Example command:
ssh tryhackme@MACHINE_IP(replace MACHINE_IP with the displayed IP). - Enter the password when prompted (no visible feedback).
Once logged in, commands executed will run on the remote machine.
Questions
I’ve logged into the Linux Fundamentals Part 2 machine using SSH!
Answer: No answer needed
Task 3: Introduction to flags and switches
Most of the terminal commands allow for arguments to be given. These are given by writing a hyphen (‘-’) and a keyword, known as flags or switches).
When using a command, unless otherwise specified, it will perform its default behavior. For example, ls lists the contents of the working directory. However, hidden files are not shown. We can use flags and switches to extend the behavior of commands.
For example, after using the -a argument (short for –all), we now suddenly have an output with a few more files and folders such as “.hiddenfolder”. Files and folders with “.” are hidden files.
Commands that accept these will also have a–help option. This option will list the possible options that the command accepts, provide a brief description and example of how to use it.
The manual pages are a great source of information for both system commands and applications available on both a Linux machine, which is accessible on the machine itself and online. To access this documentation, we can use the man command and then provide the command we want to read the documentation for.
Questions
Explore the manual page of the ls command
Write man ls. You will get an output that will look like this:
Answer: Done
What directional arrow key would we use to navigate down the manual page?
You can use the up/down arrows to navigate with small steps, and the f/b keys to navigate up/down with larger steps. But the answer here is down.
Answer: down
What flag would we use to display the output in a “human-readable” way?
We can use the -h flag to output in a human-readable format.
Answer: -h
Task 4: Filesystem Interaction Continued
It’s time to learn some new commands. In this room we will focus on creating, moving and deleting files and folder. We will learn the following commands:
- touch — Creates a file
- mkdir — Creates a directory
- copy — Copies a file or folder
- mv — Moves a file or folder
- rm — Removes a file or folder
- type — Outputs the type of a file
Creating Files and Folders (touch, mkdir)
Creating files and folders on Linux is a simple process. First, we’ll cover creating a file. The touch command takes exactly one argument — the name we want to give the file we create. For example, we can create the file “note” by using touch note. It’s worth noting that touch simply creates a blank file.
This is a similar process for making a folder, which just involves using the mkdir command and again providing the name that we want to assign to the directory.
Removing Files and Folders
You can simply remove files by using rm. If you want to remove folders though, you need to add the –R switch alongside the name of the directory you wish to remove.
Copying and Moving Files and Folders
Copying and moving files is an important functionality on a Linux machine. Starting with cp, this command takes two arguments:
1. the name of the existing file
2. the name we wish to assign to the new file when copying
Moving a file takes two arguments, just like the cp command. However, rather than copying and/or creating a new file, mv will merge or modify the second file that we provide as an argument. Note that not only can you use mv to move a file to a new folder, but you can also use mv to rename a file or folder.
Determining File Type
We use file to determine the file type of a file:
file note
note: ASCII textQuestions
How would you create the file named “newnote”?
Simply use the touch command, followed by the name to be given to the file (in this case newnote).
Answer: touch newnote
On the deployable machine, what is the file type of “unknown1” in “tryhackme’s” home directory?
Just write: file unknown1
Answer: ASCII text
How would we move the file “myfile” to the directory “myfolder”
Here we can use the move command (mv), followed by the file name and the name of the directory to move to.
Answer: mv myfile myfolder
What are the contents of this file?
Answer: THM{FILESYSTEM}
Continue to apply your knowledge and practice the commands from this task.
Answer: No answer needed
Task 5: Permissions 101
Listing Permissions
We can use the command ls -lh to list the permissions of all files in a folder.
ls -lh
-rw-r--r-- 1 cmnatic cmnatic 0 Feb 19 10:37 file1
-rw-r--r-- 8 cmnatic cmnatic 0 Feb 19 10:37 file2Although intimidating, these three columns are very important in determining certain characteristics of a file or folder and whether or not we have access to it. A file or folder can have a couple of characteristics that determine both what actions are allowed and what user or group has the ability to perform:
- Read
- Write
- Execute
It has the “-” indicator highlighting that it is a file and then “rw” followed after. This means that only the owner of the file can read and write to this file but cannot execute it.
These symbols appear in three sets, corrosponding to different groups. They are grouped based on their ownership level (examples from ls -lh above):
- Owner (rw-)
- Group (r—-)
- Other (r—-)
This means that the owner has read and write permissions, while group members and other users only have read permissions.
Switching Between Users
Switching between users on a Linux install is easy using the su command. Unless you are the root user (or using root permissions through sudo), then you are required to know two things to facilitate this transition of user accounts:
- The user we wish to switch to
- The user’s password
The su command takes a couple of switches that may be useful. An important one is the -l or –login switch. By using this flag we start a shell that is much more similar to the actual user logging into the system – we inherit a lot more properties of the new user, i.e., environment variables and the likes.
Questions
On the deployable machine, who is the owner of “important”?
For this we can use the ls -lh command:
Note that the file is owned by user2.
Answer: user2
What would the command be to switch to the user “user2”?
Simply use su followed by the username.
Answer: su user2
Now switch to this user “user2” using the password “user2”
Use the command from the previous question.
Answer: No answer needed
Output the contents of “important”, what is the flag?
Make sure you changed user to user 2. Then you can read the file by using the cat command followed by the path to the file to read.
Answer: THM{SU_USER2}
Task 6: Common Directories
Linux has a number of common directories that you should know about. These are the following:
/etc
This root directory is one of the most important root directories on your system. The etc folder (short for etcetera) is a commonplace location to store system files that are used by your operating system.
For example, the sudoers file contains a list of the users & groups that have permission to run sudo or a set of commands as the root user. Also important are the passwd and shadow files. These two files are special for Linux as they show how your system stores the passwords for each user in a hash formatting called sha512.
/var
The “/var” directory, with “var” being short for variable data, stores data that is frequently accessed or written by services or applications running on the system. For example, log files from running services and applications are written here (/var/log), or other data that is not necessarily associated with a specific user (i.e., databases and the like).
/root
There isn’t anything more to this folder other than just understanding that this is the home directory for the “root” user. You might assume that the root user would have their data in a directory such as /home/root by default, but this is not the case.
/tmp
This is a unique root directory found on a Linux install. Short for temporary, the /tmp directory is used to store data that is only needed to be accessed once or twice. Similar to the memory on your computer, once the computer is restarted, the contents of this folder are cleared out. What’s useful for us in pentesting is that any user can write to this folder by default. Meaning once we have access to a machine, it serves as a good place to store things like our enumeration scripts.
Questions
What is the directory path that would we expect logs to be stored in?
We expect logs to be stored in the log directory, which in turn is saved in /var.
Answer: /var/log
What root directory is similar to how RAM on a computer works?
The /tmp directory is similar to the memory on your computer, once the computer is restarted, the contents of this folder are cleared out
Answer: /tmp
Name the home directory of the root user
The home directory is stored in /root (not in home/root as you might have expected).
Answer: /root
Now apply your learning and navigate through these directories on the deployed Linux machine.
Go, play, and have fun! This is the best way to learn.
Answer: No answer needed
Task 7: Conclusions and Summaries
We are done! I hope you learned as much as I did by writing this summary.
This Linux fundamentals room covered key concepts, including:
- Connecting to a Linux machine remotely via SSH.
- Using commands with flags, switches, and referencing
manpages for help. - Common commands to interact with the filesystem and its contents.
- An introduction to file permissions and switching users.
- An overview of essential root directories on Ubuntu Linux and their purposes.
Revisiting the material for practice is encouraged to reinforce understanding.
Conclusion
Thank you so much for reading this walkthrough of the TryHackMe: Linux Fundamentals 2 room.
You can find my other walkthroughs here.
Like my articles?
You are welcome to share my blog post with your friends.
I would be so grateful if you support me by buying me a cup of coffee:
I learned a lot through HackTheBox’s Academy. If you want to sign up, you can get extra cubes, and support me in the process, if you use the following link:
