Linux fundamentals part 1

Loading.

Discord

Come join our Discord server for support or further discussions

Forum

Writeups should have a link to TryHackMe and not include any passwords/cracked hashes/flags

Learn

Socials

Web-Based Machine Information

Use the web-based machine to attack other target machines you start on TryHackMe.

• Public IP:
• Private IP: (Use this for your reverse shells)
• Username:
• Password:
• Protocol:

• To copy to and from the browser-based machine, highlight the text and press CTRL+SHIFT+C or use the clipboard
• When accessing target machines you start on TryHackMe tasks, make sure you’re using the correct IP (it should not be the IP of your AttackBox)

Complete the room to earn this badge

Congratulations

You’ve completed the room!

To access this machine, you need to either

Connect to our network via a VPN

Use the AttackBox

Use a web-based attack machine (recommended)

Expiring Soon

Your machine is going to expire soon. Close this and add an hour to stop it from terminating!

Expired Machine

Your machine has expired and terminated.

How to access machines

Now you’ve started your machine, to access it you need to either

Download your VPN configuration file and import it into a OpenVPN client

Control a web-based machine with everything you need, all from inside your browser

Reset Your Progress

Some tasks will have you learning by doing, often through hacking a virtual machine. However, to access these machines you need to either:

• Use the in-browser machine — If you’re subscribed, you can start your in-browser Kali machine and use it to access machines you’ve started!
• Use OpenVPN — You need to download your configuration file and install OpenVPN. Follow the guide here to connect using OpenVPN.

• Are you connected to the TryHackMe network? You can check by starting the machine in the welcome room (task 3), waiting a few minutes and accessing its webserver — If you see a website, you are connected.
• If its a Windows machine you’ve started, it might not be pingable. Try using the -Pn flag when scanning the machine with nmap: nmap MACHINE_IP -Pn -v
• Has the machine had long enough to start up? It can take between 1 and 5 minutes.
• Not all machines have a web server or SSH service running. Try pinging the machine in your console first: ping MACHINE_IP . If its responds, its reachable and you’re not accessing it in the intended way.
• Are you definetly using the machine’s IP and the correct method of access with the right details (e.g. username) — try rereading the task, have you missed something?

Not all machines will have SSH enabled.

You shouldn’t be trying to SSH / RDP / Access a webserver unless you’ve been told specifically to do so, or have scanned the machine first to check that the service is running.

Not all machines you start will have a web server running. Why not scan the machine with nmap to see if there is one running on another port.

Use the following nmap command: nmap -v MACHINE_IP — If there is a webserver running on another port, go to http://MACHINE_IP:PORT

If you are on a machine, the chances are it won’t have internet access.

To put a file onto your remote machine, you can:

• Use SCP — You can copy a file to a remote machine with the following command: scp YOUR_FILE [email protected]:/DIRECTORY
• Host a mini-webserver — You can host a mini-webserver on your machine. On your machine type: python3 -m http.server 1234 where your files are hosted, then on the remote machine go to http://MACHINE_IP:1234 and download it.

• Writeups — Does the room have any writeups you can check? (Click the writeup tab or go to room options)
• Using the internet — Being able to research effectively is really important. You can improve your researching skills here.
• Discord — As a last resort, if you’re really stuck why not ask our community for a hint on Discord?

Not every room has the in-browser functionality. Its up to the room creator to add this capability.

If you are not sure where to start, check out:

• Pathways — Choose a path and build up your knowledge using a mixture of room guides and challenges!
• Hacktivities — Search for a topic you enjoy and filter by your difficulty rating.
• Zero to Hero post — An overview on which rooms to start with both as a free and subscribed user.

Completing rooms gets you a certain number of points. A breakdown of how questions are scored as as follow:

Answered	Score
1st to answer	80 points
After first	30 points

If the room type is a walkthrough room, you only get 25% of those points added to your account score. Challenge room’s receive 100% if the room has been released during this month.

All points you get are added to your ‘All-time’ score, however not all points are added to your ‘Monthly’ score (which is reset to 0 on the last day of the month 23:59 GMT). You only get 100% of a room’s monthly points if a room has been released during that month; you get 25% of challenge room points if its not released in this month. This stops new users being able obtain large amounts of points as they have more rooms to solve than older users — by monthly points only being awarded if a room is released this month, everyone has a fair chance to be number 1 on the ‘Monthly’ leaderboard and everyone has an equal chance to be number 1 on the ‘All-time’ leaderboard.

• Challenge rooms released this month, give you 100% of the points (to both your all-time and monthly score).
• Old challenge rooms (not released this month) will give you 25% of the points to your monthly score and 100% to your all-time score.
• Walkthrough rooms released this month, give you 25% of the points to both your all-time and monthly score.
• Old Walkthrough rooms (not released this month) only give you 25% of the points to your all-time score, none for your monthly score.

To access a network, you need to download and connect using your networks OpenVPN configuration file.

Go to the access page, click the networks tab and select the network. Once downloaded, import your OpenVPN config file (details to this process are on the access page).

Источник

Linux Fundamentals Part 1

Make connection with VPN or use the attackbox on Tryhackme site to connect to the Tryhackme lab enviroment

First deploy the machine attached to the room. The IP of room will be visible at the top of the page once the machine is booted

Once deployed connect to the machine with the given credentials in task 1

Task 2:

Read and press complete

Task 3:

Task 4:

Read and type in the answer found in the text

echo -n helllo

Task 5:.

The first answer can be found in the text of task 5

The second answer can be found by typing man ls and scrolling a bit down

Task 6:

The answer can be found in the output in this task or by typing cat –help in the terminal

Task 7: To progress read and press complete

Task 8:

The answers are actually in the questions

Task 9:

So we need to create a file called noot.txt and then run the binary file in that directory. So we can get the password for the next user for the next section

Task 10:

The answer here is in the man pages of su

type man su to and find the right parameter

Progress to the next user by typing su shiba2 and when ask for the password use the password in task 9

Task 11:

In this task just read and press complete and remember the password for the next room. We will need it

What have we learned in Linux Fundamentals part 1

We have learned the following commands:

echo to echo to screen what ever comes after echo
man – Example: man echo
cat – Output whatever is in the file to the screen
ls – List directory and see files inside directory
touch – Create a file
su – Change users

And running a Binary with ./

Источник

Linux Fundamentals — Part 1 2021

This room covers topics such as an introduction to Linux, running your first commands, searching, interacting with the filesystem and shell operators.

Task 2 — A Bit of Background on Linux

Linux is considerably much more lightweight and there is a good chance you have used Linux in some form or another every day. Linux powers things such as:

Websites that you visit

Car entertainment/control panels

Point of Sale (PoS) systems such as checkout tills and registers in shops

Critical infrastructures such as traffic light controllers or industrial sensors

The name of “Linux” is actually an umbrella term for multiple OS’s that are based on UNIX. Thanks to Unix being open-source, variants of Linux comes in all shapes and sizes. For example, Ubuntu & Debian are some of the more commonplace distributions of Linux because it is so extensible.

As an example, you can run Ubuntu as a server or as a full desktop. As a side note, Ubuntu Server can actually even run on systems with only 512MB of RAM.

Questions

Task 4 — Running Your First Few Commands

A large selling point of using OS’s such as Ubuntu is how lightweight they can be. This does have its disadvantages — often there is no GUI unless one has been installed. A large part of interacting with these systems is done through the terminal.

The terminal is purely text-based and is intimidating at first. In the terminal, we need to be able to do basic functions like navigate to files, output their contents and make files. The commands to do so are self-explanatory. Two of the first commands are:

echo — outputs any text we provide

whoami — finds out what user we are currently logged in as

Questions

Q1: If we wanted to output the text “TryHackMe”, what would our command be? A: echo TryHackMe

Q2: What is the username of who you are logged in as on your deployed Linux machine? A: tryhackme

Task 5 — Interacting with the File System

Being able to navigate the machine that you are logged into without relying on a desktop environment is pretty important. Some of the following commands help with this:

ls — listing

cd — change directory

cat — concatenates

pwd — print working directory

Before we can do anything such as finding out the contents of any files or folders, we need to know what exists in the first place. This can be done using the “ls” command.

In the screenshot, there are 4 directories. You can list the contents of a directory without having to navigate to it by using ls and the name of the directory i.e. “ls Pictures”

We can use the cd command to change to that directory. If you wanted to open the Pictures directory, use the command “cd Pictures”.

If you want to see the contents of text files or any other files, use a command called “cat”. Cat is short for “concatenating” and is a great way to output the contents of files. In the screenshot, you can see the combined use of “ls” to list files and the cat command to view the contents of a text file.

As you profess through the Linux machine, the name of the directory you are currently in will be listed at your terminal. It is easy to lose track of where we are on the filesystem exactly — this is where the “pwd” command comes in handy.

To find out where we are, we can simply type “pwd” which prints the full path to the current directory.

Questions

Q1: On the Linux machine, how many folders are there? A: 4

Q2: Which directory contains a file? A: folder4

Q3: What is the contents of this file? A: Hello World

Q4: Use the cd command to navigate to this file and find out the new current working directory. What is the path? A: /home/tryhackme/folder4

Task 6 — Searching for Files

One of the redeeming features of Linux is how efficient you can be with it. However, you can only be as efficient as you are familiar with it.

One fantastic way to show off how efficient you can be with systems is using a set of commands to quickly search for files across the entire system that our user has access to. This is where Linux starts to become a bit more intimidating to approach.

The find command is fantastic in the sense that it can be used both very simply or rather complex depending what you need to do. Directories can contain even more directories within themselves. It becomes a headache when we are having to go through every single one to look for files — the find command is useful for this.

If we remember the filename, we can simply use “find -name passwords.txt” where the command will look through EVERY folder in the current directory and below for that specific file.

However, what if we don’t know the filename? Or if we want to search for every file that has an extension such as “.txt”.

We can simply use what is known as a wildcard (*) to search for anything that has .txt at the end. In our case, we want to find every .txt file that is in the current directory. The command “find -name *.txt” looks for every text file.

Another great utility that is a great one to learn about is the use of grep. The grep command allows us to search the contents of files for specific values that we are looking for.

Using a command like “cat” is not recommended if the file has hundreds of lines of content. Say we wanted to search a log file to see things that a certain user/IP address visited — looking through all the lines would take ages.

Instead, we can use grep to search the entire contents of the file for any entries that match the value we are searching for. In the screenshot, we grep for a certain IP address from an access log file.

Источник