TryHackMe: Linux Challenges [Writeup] pt.2

  1. Run the command flag11. Locate where your command alias are stored and get flag 11

Run command “flag11”

flag11

Run command “alias”

alias

The next step is looking into “.bashrc” . This is where alias is created.

ls -la

Here’s “.bashrc”.

cat .bashrc

2. Flag12 is located were MOTD’s are usually found on an Ubuntu OS. What is flag12?
Normally, motd is stored in “/etc/update-motd.d/”

cd /etc/update-motd.d/ls
cat 00-header

3. Find the difference between two script files to find flag 13.

find / -name flag13 | grep flag13

flag13 is located in /home/bob/flag13

cd /home/bob/flag13/ls

There’re 2 scripts.

diff script1 script2

4. Where on the file system are logs typically stored? Find flag 14.

cd /var/loglscat flagtourteen.txt

5. Can you find information about the system, such as the kernel version etc. Find flag 15.
I tried these commands:

uname -ahostnamectlcat /proc/versionlsb_release -acat /etc/*release

6. Flag 16 lies within another system mount.
“/media” directory contains subdirectories of removable devices

cd /media/f/l/a/g/1/6/isls

7. Login to alice’s account using her private key and get flag 17.

su alice
Password: TryHackMe123
ls -lacat flag17

8. Find the hidden flag 18.

ls -lacat .flag18

9. Read the 2345th line of the file that contains flag 19.

awk ‘NR==2345’ flag19
  1. Find and retrieve flag 20.
    in Alice’s home directory (/home/alice/)
lscat flag 20

It is a base64 string. Have to decode it.

cat flag 20 | base64 -d

2. Inspect the flag21.php file. Find the flag
flag21.php is located in /home/bob
I tried:

cat flag21.phpmore flag21.php
less flag21.php

3. Locate and read flag 22. Its represented as hex.

find / -name flag22 | grep flag22

flag22 is located in /home/alice/flag22

cd /home/alice/lscat flag22

It is hex code.

Decoding hex

cat flag22 | xxd -r -p

4. Locate, read and reverse flag 23.

cat flag23 | rev

5. Analyse the flag 24 compiled C program. Find a command that might reveal human readable strings when looking in the source code.

find / -type f -name flag24 | grep flag24

flag 24 is located in /home/garry/flag24

cd /home/garry/./flag24
strings flag24

6. Flag 25 does not exist. — skipped

7. Locate and retrieve flag 26.

find / -xdev -type f -print0 2>/dev/null | xargs -0 grep -E ‘^[a-z0–9]{32}$’ 2>/dev/null

8. Locate and retrieve flag 27, which is owned by the root user.

sudo -l
sudo cat /home/flag27

10. What’s the linux kernel version?

uname -a

11. Find the file called flag 29 and do the following operations on it:
- Remove all spaces in file.
- Remove all new line spaces.
- Split by comma and get the last element in the split.

Find the file

find / -type f -name flag29 | grep flag29
cat /home/garry/flag29 | tr -d “ \n” > file.txtcat file.txt

Last element

  1. Use curl to find flag 30.
curl localhost

2. Flag 31 is a MySQL database name.
- MySQL username: root
- MySQL password: hello

mysql -u root -p

list database name

show databases;

3. Bonus flag question, get data out of the table from the database you found above!

use database_2fb1cab13bf5f4d61de3555430c917f4show tables;select * from flags;

4. Using SCP, FileZilla or another FTP client download flag32.mp3 to reveal flag 32.
Using FileZilla and download flag32.mp3 in /home/alice/

5. Flag 33 is located where your personal $PATH’s are stored.

cat /home/alice/.profile

Nothing

Try looking into bob’s directory

cat /home/bob/.profile

6. Switch your account back to bob. Using system variables, what is flag34?

su bob
password: linuxrules
printenv

7. Look at all groups created on the system. What is flag 35?

cat /etc/group

8. Find the user which is apart of the “hacker” group and read flag 36.

List groups

groups
groups hackergroups bob

bob is in hacker group.

find / -type f -name flag36 | grep flag36cat /etc/flag36

13. Well done! You’ve completed the LinuxCTF room!

Love podcasts or audiobooks? Learn on the go with our new app.

BUSTA VERSE State of Address!

Question:-

Compare text differences between two contents (%) using Ruby on Rails

Unity for the win, on Bitrise too!

Why I go to hackathons and why you should consider going

How to Build a Serverless CRUD API with API Gateway, Lambda, and DynamoDB

Managing Kubernetes clusters with kubeadm and etcdctl

AWS Lambda trigger for logging a JIRA ticket on a 3 week rotation

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ratiros01

ratiros01

OSCP

More from Medium

Paper HackTheBox Write-Up

Hacktoria: Geolocation 10 (Walkthrough)

Livestream setup

AntyBank Security Innovations