Room: https://tryhackme.com/jr/b88hThbspn4GqYJsYVGw
Task 1: Kali Linux
The Linux operating system source code is made freely available for possible modification and redistribution. What is the name for this type of software development?
A: open source
Linux was inspired by which previous system?
A: minix
What is the name for the main component of the Linux operating system and the core interface between a computer’s hardware and its processes?
A: kernel
Linux uses a kernel which has a single address space. What is this form of kernel known as?
A: monolithic kernel
What Linux distribution is Kali Linux derived from?
A: Debian
Task 2: Command Line Interface
What is the common name for a terminal or command-line interface?
A: shell
What is the most common shell we’ll encounter on a Linux system when you log in?
A: bash
Task 3: Listing Files
What symbol represents the root directory?
A: /
What symbol is a shortcut for the current user’s home directory?
A: ~
Files that begin with what symbol are hidden and not displayed in a default directory listing?
A: .
From the “/home/kali” directory we are able to run the command type ../file.txt. What is the absolute path (which includes the filename) of “file.txt”?
A: /home/file.txt
Task 4: Reading File Contents
Log in to the target machine via the attack box using the provided credentials: atlas/titan.
There is a file in the home directory belonging to the user Atlas called “firstflag.txt”. Print it to the terminal to obtain a flag.
A: OS{My-first-flag!}
There is a hidden file in the home directory belonging to the user Atlas. Print it to the terminal to obtain a flag.
A: OS{It's-the-atlas-flag}
There is a program called accept in the /home/atlas directory. It accepts two arguments (or options): a number between 0 and 100, and any five-character alphanumeric string. Provide these arguments to the binary to obtain the flag.
A: OS{Will_you_accept_my_flag?}
The /home/atlas/capture directory contains many flags, but only one is real. Find the true flag by identifying the most recently modified file.
Since the ls -al command does not display the exact time, I will use the stat command instead.
Command Used = atlas@linux01:~/capture$ stat *.txt
After using the above command, you will find that flag09.txt is the most recent modified file. Use the cat command on it to obtain the answer.
A: OS{You're_getting_the_hang_of_this_3f8a91de}
The /home/atlas/maze directory contains multiple directories that contain multiple directories. One of these directories contains a flag. The flag file contains the string “The end of the maze”.
When I looked into the maze folder, there were multiple nested folders. So, I used the grep command to filter out the file that contains the string ‘end of the’.
A: OS{Isn't_recursion_aMAZEing?}
Print out the file in the /home/atlas/spaces directory to obtain a flag.
A: OS{There can even be spaces in a flag}
Navigate to the /home/atlas/maze2 directory and follow the directions in instructions01.txt to obtain the flag.
This one is a bit complicated, you can see I’ve typed multiple commands to get the result.
- Moved to the
maze2directory. - Listed all the files and found
instructions01.txt. - Used
catoninstructions01.txtand discovered that it contained instructions to move to other directories. At this point, I realized there would be multiple instruction files. - Searched for all files whose names contain
instructions*and found there were 4 instruction files. - Used
caton the latest file,instructions04.txt, which instructed me to move up one directory. - Moved up one directory and found a binary called
runme. - Executed the binary and obtained the flag.
A: OS{Maybe_mazes_aren't_so_great_afterall}
Find the flag in /home/atlas/log. The flag is in the first 10 lines.
A: OS{heads_or_tails?}
Task 5: Manuals and Help
Log in to the target machine via the attack box using the provided credentials: atlas/titan.
There is a binary in the “/home/atlas/helpman” directory called “helpme”. Use what you’ve learned so far in this Topic to find the flag.
A: OS{help-me-help-you}
There is a game implemented via a binary in the “/home/atlas/panmages” directory called “panmages”. Run the binary to get more information.
A: OS{this_game_makes_a_lot_more_sense_if_you_flip_the_P_and_the_M}
The panmages game comes with a game guide. Find the flag in the reference manual for the game guide to solve this challenge.
For this question, I searched for files whose names include ‘guide’ under the root directory. I then found an interesting file under /usr/games. The file type is executable. Looking up the man page of the executable displayed the flag.
A: OS{the_best_mage_hacks_walkthroughs_and_hints}
Task 6: Linux File System
Which directory contains the configuration files for system utilities and services?
A: /etc
What directory holds the files needed to bootstrap the OS?
A: /boot
What directory is typically used to store the files of non-root users?
A: /home
What directory serves as a mount point for removable storage devices?
A: /media
Out of “/var/tmp” and “/tmp”, which directory preserves files after a system reboot?
A: /var/tmp
What is the actual path of “/dev/stderr”?
A: /proc/self/fd/2
Task 7: Setting and Using Variables
Log in to the target machine via the attack box using the provided credentials: atlas/titan.
This target’s bash shell has a complicated past. Learn more about the history of this target to find the flag. In solving this problem, try to use expansion instead of copy and paste.
A: OS{history_is_not_a_program_but_rather_a_feature_of_the_shell}
Get to know the target system’s environment. Who knows, you might even find a flag!
A: OS{what-a-GLOBAL-sensation!}
Log in to the target machine with the username “eris” and the password “discordia”. This user’s $PATH contains an unusual directory. Remove the extra directory from the variable and then run the checkpath binary in this user’s home directory to get the flag.
A: OS{no-strife-nor-discord-on-the-straight-and-narrow}
I used ChatGPT for this one.
Eris’s ls command appears to be broken. See if you can use aliases to fix it. Once ls works properly, identify a binary inside the checkls directory and run it to get the flag. This exercise may require some external research.
A: OS{using-alias-makes-me-feel-like-a-secret-agent}
You’ll need to figure out via aliases.
Eris has an alias that will display yet another flag. Figure out how to list aliases, and find the right one. This exercise may require some external research.
Catting .bashrc will provide you the answer.
A: OS{nothing-is-beyond-your-sight!}
Task 8: System Information
Log in to the target machine via the attack box using the provided credentials: eris/discordia.
What is the command that allows you to quickly find out the shell environment you are operating under?
A: echo $SHELL
Which program helps display the system architecture quickly?
A: uname
What is the single uname option that prints only the kernel release version?
A: -r
Using man, find out which option allows ls to print the index number of each file?
A: -i
On the target machine, use uname to find its hardware name.
A: x86_64
What distribution is the target machine running?
A: Ubuntu 20.04.1
Task 9: Creating and Removing Files, Directories, and Symlinks
What ls option enables colorized output on Linux?
A: color
What command will create a soft link of “/etc/passwd” in a file called “passwdlink”?
A: ln -s /etc/passwd passwdlink
What command will create a directory tree of “/test1/test2/test3” in one line?
A: mkdir -p /test1/test2/test3
Log in to the target machine via the attack box using the provided credentials: hermes/mercury.
Log into the target system with the credentials “hermes:mercury” (this nomenclature is used to designate the username “hermes” and the password “mercury”). Create an empty file called “fast.txt” in the user’s home directory. Then, run the check_file_create binary to obtain the flag.
A: OS{its_all_greek_to_me}
Hermes has a directory called “/FullOfStuff” in their home directory. Delete it, then run the check_directory_delete binary to obtain the flag.
A: OS{taking_out_the_trash_is_not_so_fun}
There is a file called “wings” in Hermes’s home. What is the full path of the file that is ultimately executed when ./wings is run?
A: /var/www/slippers
Task 10: Linux File Management with Wildcards
Log in to the target machine via the attack box using the provided credentials: athena/minerva.
Log on to the target system with the credentials “athena:minerva”. Move into the “ManyFiles” directory under Athena’s home. Inside “ManyFiles”, there are (as one might expect) many files. How many of these filenames contain the letter “g”?
A: 6
Athena also has a directory called “MoreFiles” in their home directory. Use ls to analyze the contents of the directory. Then, use wildcards to move all the files ending in “.txt” to the “/MoreFiles/AthenaDocuments” directory. Finally, run the check_more_files binary to obtain the flag.
A: OS{wildcards_are_wildly_entertaining!}
Athena has a third directory called “MassiveFiles” in their home directory. Use ls to analyze the contents of the directory. Then, use wildcards to delete all the files that start with “A”, end in “.pdf” or contain a number. Finally, run the check_massive_files binary to obtain the flag.
A: OS{wild_conditions_make_for_wild_times}
Task 11: Finding Files in Kali Linux
After creating the initial reference manual for the panmages game guide, the developers decided to start writing the guide itself. They called the guide “pmgg”. On the target machine, execute the command pmgg, and then determine which program is being run when the command is executed. The answer to this problem challenge will be found in the same directory as this pmgg program’s code.
A: OS{the_most_awesome_mage_game_in_the_world!}
There is a lost flag somewhere on the target machine. Use locate to find the “lostflag.txt” file, and read its contents.
A: OS{im_so_glad_you_fou..located_me}
What size, in bytes, is the lostflag.txt file?
A: 35
Task 12: Redirecting Output
What is the full path of the device we can use to redirect uninteresting output? This exercise might require some external research.
A: /dev/null
Log into the target server with the credentials “artemis:diana”. Artemis has a pile of assorted flags in the /home/artemis/AssortedFlags directory. Each flag begins with an eight-digit hexadecimal number. The solution to this challenge is the flag with the smallest number.
A: OS{00c4970c_what_an_asSORTment_of_flags}
In the /home/artemis directory, navigate to the BasicPipingAndRedirection/ folder. Then, direct the contents of the MegaFile text document to the BinaryChecker binary to obtain the flag.
A: OS{<_redirects_file_output_to_program_input}
Execute the provided pipe binary. The output is a mix of standard output and standard error output, and the error output contains the flag. Either redirect the standard output to /dev/null to display only the flag, or redirect the error output to a file and then read the flag from the file.
A: af6f59b65684b4f887051535d9069219
Determine the total number of accounts on this machine aside from the root user.
A: 36 (This should be 37, but only accepting 36 as the answer)
Command Explanation:
- Extracts all usernames from the
/etc/passwdfile withawk. - Removes the “root” username and any blank lines from the list using
sed. - Counts the remaining usernames using
wc. - Outputs the number of non-root user accounts on the system.
Task 13: Using grep, sed, cut, and awk
Extract the 13th field from the file located in Artemis’s “/home” called “FieldOfFlags” to solve this problem challenge. Try to get the complete flag with a single one-liner.
A: OS{if_you_build_it_they_will_come}
Task 14: Comparing Files
Which diff flag will ignore blank lines?
A: -D (The answer should be -B, but only -D is accepted as the answer which is wrong)
Task 15: Editing Files from the Command Line
To save text in nano, we can use a hotkey combination. What letter is used in combination with the Ctrl key to save text?
A: O
To save text in nano, we can use a hotkey combination. What letter is used in combination with the Ctrl key to save text?
A: -B
Which option when used on the command-line with nano will display line numbers?
A: -l