Welcome to my walkthrough of the TryHackMe: Linux Fundamentals 2 room on TryHackMe!
In this room we will learn more about SSH, Linux commands and how to interact with the file system.
Let’s continue where we left off in part 1. The previous article can be found here.
![Linux Fundamentals 2 Banner](https://www.jalblas.com/wp-content/uploads/2023/09/Linux-Fundamentals-2-Banner.jpg)
Linux Fundamentals 2 Banner
Room URL: https://tryhackme.com/room/linuxfundamentalspart2
I am making these walkthroughs to keep myself motivated to learn cyber security, and ensure that I remember the knowledge gained by THM’s rooms. Join me on learning cyber security. I will try and explain concepts as I go, to differentiate myself from other walkthroughs.
Task 1: Introduction
Welcome back to part 2 of the Linux Fundamentals series on TryHackMe.
Part 2 transitions from in-browser functionality to a key skill: logging into and controlling remote machine terminals. It covers:
- Using flags and arguments to unlock command potential.
- Exploring the filesystem for advanced commands like copying and moving files.
- Understanding file and folder access management and determining permissions.
Nothing more to do here but proceed.
Questions
Let’s proceed!
Answer: No answer needed
Task 2: Accessing Your Linux Machine Using SSH
This section introduces Secure Shell (SSH), the protocol for securely logging into and controlling remote Linux machines, transitioning from the in-browser approach used in Linux Fundamentals Part 1. Key points include:
What is SSH?
- SSH is a protocol that allows encrypted communication between devices.
- It enables remote command execution while encrypting data sent over the network for security.
Setup Overview:
- Deploy two machines: Your Linux machine (target) & TryHackMe AttackBox (client)
- The TryHackMe AttackBox is an online Ubuntu Linux machine accessed via a browser
Using SSH to Login:
- Syntax: ssh username@IP_address
- For this task: Username: tryhackme, Password: tryhackme
- Example command: ssh tryhackme@MACHINE_IP (replace MACHINE_IP with the displayed IP).
- Enter the password when prompted (no visible feedback).
Once logged in, commands executed will run on the remote machine.
Questions
I’ve logged into the Linux Fundamentals Part 2 machine using SSH!
Answer: No answer needed
Task 3: Introduction to flags and switches
Most terminal commands accept arguments. These are given by writing a hyphen (‘-’) followed by a keyword, and are known as flags or switches.
When using a command, unless otherwise specified, it will perform its default behavior. For example, ls lists the contents of the working directory. However, hidden files are not shown. We can use flags and switches to extend the behavior of commands.
For example, after using the -a argument (short for --all), the output suddenly contains a few more files and folders, such as “.hiddenfolder”. Files and folders whose names start with “.” are hidden.
Commands that accept these will also have a --help option. This option lists the options that the command accepts and provides a brief description and an example of how to use it.
The manual pages are a great source of information for both system commands and applications on a Linux machine. They are accessible on the machine itself and online. To access this documentation, we can use the man command and then provide the command we want to read the documentation for.
Questions
Explore the manual page of the ls command
Write man ls. You will get an output that will look like this:
man ls
Answer: Done
What directional arrow key would we use to navigate down the manual page?
You can use the up/down arrows to navigate with small steps, and the f/b keys to navigate up/down with larger steps. But the answer here is down.
Answer: down
What flag would we use to display the output in a “human-readable” way?
We can use the -h flag to output in a human-readable format.
ls h flag
Answer: -h
Task 4: Filesystem Interaction Continued
It’s time to learn some new commands. In this room we will focus on creating, moving and deleting files and folders. We will learn the following commands:
- touch — Creates a file
- mkdir — Creates a directory
- cp — Copies a file or folder
- mv — Moves a file or folder
- rm — Removes a file or folder
- file — Outputs the type of a file
Creating Files and Folders (touch, mkdir)
Creating files and folders on Linux is a simple process. First, we’ll cover creating a file. The touch command takes exactly one argument — the name we want to give the file we create. For example, we can create the file “note” by using touch note. It’s worth noting that touch simply creates a blank file.
Making a folder is a similar process: we use the mkdir command and again provide the name that we want to assign to the directory.
Removing Files and Folders
You can simply remove files by using rm. If you want to remove folders though, you need to add the -R switch alongside the name of the directory you wish to remove.
Copying and Moving Files and Folders
Copying and moving files is an important functionality on a Linux machine. Starting with cp, this command takes two arguments:
1. the name of the existing file
2. the name we wish to assign to the new file when copying
Moving a file takes two arguments, just like the cp command. However, rather than copying and/or creating a new file, mv will merge or modify the second file that we provide as an argument. Note that not only can you use mv to move a file to a new folder, but you can also use mv to rename a file or folder.
Determining File Type
We use file to determine the file type of a file:
file note
note: ASCII text
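The commands from this task run end to end in a scratch directory, as an added example that is not part of the room or the original walkthrough. The names fs_demo, exists, note_copy and renamed are made up for the demo; it shows the two behaviours of mv and that plain rm refuses a directory.

```shell
#!/bin/sh
# Added example (not from the room): the Task 4 commands in a scratch
# directory. All file and folder names here are constructed.

# Print "yes" if the path exists, "no" otherwise.
exists() { if [ -e "$1" ]; then echo yes; else echo no; fi; }

fs_demo() (
    # The ( ... ) body runs in a subshell, so cd does not leak out.
    work=$(mktemp -d) || exit 1
    cd "$work" || exit 1

    touch note                 # blank file
    mkdir myfolder             # empty directory
    cp note note_copy          # two arguments: existing name, new name

    mv note_copy renamed       # target does not exist: this is a rename
    mv renamed myfolder        # target is a directory: move into it
    moved=$(exists myfolder/renamed)
    left_behind=$(exists renamed)

    # Plain rm refuses a directory and exits non-zero; -R is required.
    if rm myfolder 2>/dev/null; then plain_rm=removed; else plain_rm=refused; fi
    rm -R myfolder
    after_R=$(exists myfolder)

    echo "moved=$moved left_behind=$left_behind plain_rm=$plain_rm dir_after_R=$after_R"
    cd / && rm -R "$work"
)

fs_demo
```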
Questions
How would you create the file named “newnote”?
Simply use the touch command, followed by the name to be given to the file (in this case newnote).
Answer: touch newnote
On the deployable machine, what is the file type of “unknown1” in “tryhackme’s” home directory?
Just write: file unknown1
![File command](https://www.jalblas.com/wp-content/uploads/2023/09/File-command.png)
File command used on unknown1
Answer: ASCII text
How would we move the file “myfile” to the directory “myfolder”
Here we can use the move command (mv), followed by the file name and the name of the directory to move to.
Answer: mv myfile myfolder
What are the contents of this file?
![Reading myfile](https://www.jalblas.com/wp-content/uploads/2023/09/Reading-myfile.png)
Reading myfile which contains a flag!
Answer: THM{FILESYSTEM}
Continue to apply your knowledge and practice the commands from this task.
Answer: No answer needed
Task 5: Permissions 101
Listing Permissions
We can use the command ls -lh to list the permissions of all files in a folder.
ls -lh
-rw-r--r-- 1 cmnatic cmnatic 0 Feb 19 10:37 file1
-rw-r--r-- 8 cmnatic cmnatic 0 Feb 19 10:37 file2
Although intimidating, these three columns are very important in determining certain characteristics of a file or folder and whether or not we have access to it. A file or folder can have a couple of characteristics that determine both what actions are allowed and which user or group is allowed to perform them:
- Read
- Write
- Execute
Take file1 from the listing above. Its entry starts with the “-” indicator, highlighting that it is a file, followed by “rw”. This means that only the owner of the file can read and write to this file but cannot execute it.
These symbols appear in three sets, corresponding to different groups. They are grouped based on their ownership level (examples from ls -lh above):
- Owner (rw-)
- Group (r--)
- Other (r--)
This means that the owner has read and write permissions, while group members and other users only have read permissions.
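The three-set reading described above can be automated. The following is an added example, not code from the room or the original walkthrough; decode_mode, describe_triplet and mode_of are names chosen here, and the scratch file is constructed for the demo.

```shell
#!/bin/sh
# Added example: decode the mode column printed by `ls -l`.

# Translate one triplet such as "rw-" into words.
describe_triplet() {
    out=""
    case $1 in r??) out="read" ;; esac
    case $1 in ?w?) out="${out:+$out,}write" ;; esac
    # x = execute; s or t also imply execute (setuid/setgid/sticky)
    case $1 in ??[xst]) out="${out:+$out,}execute" ;; esac
    echo "${out:-none}"
}

# Decode a mode string such as -rw-r--r-- into type, owner, group, other.
decode_mode() {
    mode=$1
    if [ "${#mode}" -lt 10 ]; then
        echo "invalid mode string: $mode" >&2
        return 1
    fi
    case $mode in
        -*) kind=file ;;
        d*) kind=directory ;;
        l*) kind=symlink ;;
        *)  kind=other ;;
    esac
    owner=$(printf '%s' "$mode" | cut -c2-4)
    group=$(printf '%s' "$mode" | cut -c5-7)
    other=$(printf '%s' "$mode" | cut -c8-10)
    echo "type=$kind owner=$(describe_triplet "$owner")" \
         "group=$(describe_triplet "$group") other=$(describe_triplet "$other")"
}

# Decode the mode of a real path (cut drops any trailing ACL marker).
mode_of() {
    decode_mode "$(ls -ld -- "$1" | cut -c1-10)"
}

# Constructed demo: a scratch file given the same mode as file1 above.
demo() {
    dir=$(mktemp -d) || return 1
    touch "$dir/file1"
    chmod 644 "$dir/file1"
    mode_of "$dir/file1"
    chmod 600 "$dir/file1"    # take read access away from group and other
    mode_of "$dir/file1"
    rm -R "$dir"
}
demo
```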
Switching Between Users
Switching between users on a Linux install is easy using the su command. Unless you are the root user (or using root permissions through sudo), then you are required to know two things to facilitate this transition of user accounts:
- The user we wish to switch to
- The user’s password
The su command takes a couple of switches that may be useful. An important one is the -l or --login switch. By using this flag we start a shell that is much more similar to the actual user logging into the system: we inherit a lot more properties of the new user, i.e., environment variables and the like.
Questions
On the deployable machine, who is the owner of “important”?
For this we can use the ls -lh command:
Ownership of important file
Note that the file is owned by user2.
Answer: user2
What would the command be to switch to the user “user2”?
Simply use su followed by the username.
Answer: su user2
Now switch to this user “user2” using the password “user2”
Use the command from the previous question.
Changing to user2
Answer: No answer needed
Output the contents of “important”, what is the flag?
Make sure you have switched to user2. Then you can read the file by using the cat command followed by the path to the file to read.
![Reading important file](https://www.jalblas.com/wp-content/uploads/2023/09/Reading-important-file.png)
Reading important file
Answer: THM{SU_USER2}
Task 6: Common Directories
Linux has a number of common directories that you should know about. These are the following:
/etc
This root directory is one of the most important root directories on your system. The etc folder (short for etcetera) is a commonplace location to store system files that are used by your operating system.
For example, the sudoers file contains a list of the users & groups that have permission to run sudo or a set of commands as the root user. Also important are the passwd and shadow files. These two files are special for Linux as they show how your system stores the passwords for each user in a hash format called sha512.
/var
The “/var” directory, with “var” being short for variable data, stores data that is frequently accessed or written by services or applications running on the system. For example, log files from running services and applications are written here (/var/log), or other data that is not necessarily associated with a specific user (i.e., databases and the like).
/root
There isn’t anything more to this folder other than just understanding that this is the home directory for the “root” user. You might assume that the root user would have their data in a directory such as /home/root by default, but this is not the case.
/tmp
This is a unique root directory found on a Linux install. Short for temporary, the /tmp directory is used to store data that is only needed to be accessed once or twice. Similar to the memory on your computer, once the computer is restarted, the contents of this folder are cleared out. What’s useful for us in pentesting is that any user can write to this folder by default. Meaning once we have access to a machine, it serves as a good place to store things like our enumeration scripts.
Questions
What is the directory path that would we expect logs to be stored in?
We expect logs to be stored in the log directory, which in turn is saved in /var.
Answer: /var/log
What root directory is similar to how RAM on a computer works?
The /tmp directory is similar to the memory on your computer: once the computer is restarted, the contents of this folder are cleared out.
Answer: /tmp
Name the home directory of the root user
The home directory is stored in /root (not in /home/root as you might have expected).
Answer: /root
Now apply your learning and navigate through these directories on the deployed Linux machine.
Go, play, and have fun! This is the best way to learn.
Answer: No answer needed
Task 7: Conclusions and Summaries
We are done! I hope you learned as much as I did by writing this summary.
This Linux fundamentals room covered key concepts, including:
- Connecting to a Linux machine remotely via SSH.
- Using commands with flags, switches, and referencing man pages for help.
- Common commands to interact with the filesystem and its contents.
- An introduction to file permissions and switching users.
- An overview of essential root directories on Ubuntu Linux and their purposes.
Revisiting the material for practice is encouraged to reinforce understanding.
Thank you so much for reading this walkthrough of the TryHackMe: Linux Fundamentals 2 room.