topson@james:~$ cat ReadMeIfStuck.txt Looking for flag 1?:It seems you will have to think harder if you want to find the flag. Perhaps try looking for a file called additionalHINT if you can't find it.. Looking for flag 2?: look for a file named readME_hint.txt
topson@james:~$ find . -name additionalHINT -type f ./channels/additionalHINT
topson@james:~$ cat ./channels/additionalHINT try to find a directory called telephone numbers... Oh wait.. it contains a space.. I wonder how we can find that....
topson@james:~$ find . -name 'telephone numbers' -type d ./corperateFiles/xch/telephone numbers
topson@james:~$ ls -lhA './corperateFiles/xch/telephone numbers' total 4.0K -rw-r--r-- 1 topson topson 189 Oct 5 15:26 readME.txt
topson@james:~$ cat './corperateFiles/xch/telephone numbers/readME.txt' 202-555-0150 202-555-0125 617-555-0115 +1-617-555-0115 +1-617-555-0186 +1-617-555-0138 use the Find command to find a file with a modified date of 2016-09-12 from the /workflows directory
Hypothetically, you find yourself in a directory with many files and want to move all these files to the directory of /home/francis/logs. What is the correct command to do this?
mv * /home/francis/logs
Read course material.
Hypothetically, you want to transfer a file from your /home/james/Desktop/ with the name script.py to the remote machine (192.168.10.5) directory of /home/john/scripts using the username of john. What would be the full command to do this?
sarah@james:~$ base64 -d '/home/sarah/system AB/managed/encoded.txt' | grep --color special you know how to decode base64 data, well done. you deserve the answer but because this is the linux strength training room where you are intended to build your linux memory and skills, you will have to find it in this very long text file. Look for the keyword: 'special' in this very large text file. Nullam nibh diam, gravida vestibulum mi sed, consectetur tincidunt nunc. Morbi pharetra turpis nec ligula pellentesque lobortis. Aenean sit amet ullamcorper turpis. Nam id magna sed felis facilisis accumsan. Aliquam cursus dolor eu enim maximus, eu malesuada sapien dignissim. Suspendisse ultrices condimentum nisi et pellentesque. Fusce ornare aliquet quam, eu efficitur elit facilisis et. Donec special: the answer is in a file called ent.txt, find it sagittis dolor nulla, interdum auctor tortor accumsan et. Aliquam vitae egestas dui, ut condimentum magna. Vestibulum tellus lacus, sollicitudin vitae dui sed, bibendum fermentum lacus. Mauris diam leo, efficitur at mi iaculis, sagittis hendrerit justo. Vivamus ante odio, cursus id tristique vitae, dapibus id eros. Quisque vitae mauris massa. Phasellus ut lectus efficitur, vulputate leo et, facilisis metus. Nulla volutpat nulla sem, vel vestibulum libero ultricies eu. Nam pulvinar tincidunt metus et accumsan.
Now we need to find ent.txt:
1 2 3 4 5
sarah@james:~$ find /home/sarah -type f -name ent.txt 2>/dev/null /home/sarah/logs/zhc/ent.txt
sarah@james:~$ find /home/sarah -type f -name layer4.txt 2>/dev/null /home/sarah/system AB/keys/vnmA/layer4.txt
sarah@james:~$ gpg '/home/sarah/system AB/keys/vnmA/layer4.txt' gpg: WARNING: no command supplied. Trying to guess what you mean ... gpg: AES256 encrypted data gpg: encrypted with 1 passphrase gpg: /home/sarah/system AB/keys/vnmA/layer4.txt: unknown suffix Enter new filename [layer4.txt]: noraj.txt
sarah@james:~$ cat noraj.txt 1. Find a file called layer3.txt, its password is james.
sarah@james:~$ find /home/sarah -type f -name layer3.txt 2>/dev/null /home/sarah/oldLogs/2014-02-15/layer3.txt
sarah@james:~$ gpg /home/sarah/oldLogs/2014-02-15/layer3.txt gpg: WARNING: no command supplied. Trying to guess what you mean ... gpg: AES256 encrypted data gpg: encrypted with 1 passphrase gpg: /home/sarah/oldLogs/2014-02-15/layer3.txt: unknown suffix Enter new filename [layer3.txt]:
sarah@james:~$ cat layer3.txt 1. Find a file called layer2.txt, its password is tony.
sarah@james:~$ find /home/sarah -type f -name layer2.txt 2>/dev/null /home/sarah/oldLogs/settings/layer2.txt
sarah@james:~$ gpg /home/sarah/oldLogs/settings/layer2.txt gpg: WARNING: no command supplied. Trying to guess what you mean ... gpg: AES256 encrypted data gpg: encrypted with 1 passphrase gpg: /home/sarah/oldLogs/settings/layer2.txt: unknown suffix Enter new filename [layer2.txt]:
sarah@james:~$ base64 -d layer2.txt 1. Find a file called layer1.txt, its password is hacked.
sarah@james:~$ find /home/sarah -type f -name layer1.txt 2>/dev/null /home/sarah/logs/zmn/layer1.txt
sarah@james:~$ gpg /home/sarah/logs/zmn/layer1.txt gpg: WARNING: no command supplied. Trying to guess what you mean ... gpg: AES256 encrypted data gpg: encrypted with 1 passphrase gpg: /home/sarah/logs/zmn/layer1.txt: unknown suffix Enter new filename [layer1.txt]:
Find an encrypted file called personal.txt.gpg and find a wordlist called data.txt. Use tac to reverse the wordlist before brute-forcing it against the encrypted file. What is the the password to the encrypted file?
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
sarah@james:~$ find /home/sarah -type f -name personal.txt.gpg 2>/dev/null /home/sarah/oldLogs/units/personal.txt.gpg
sarah@james:~$ find /home/sarah -type f -name data.txt 2>/dev/null /home/sarah/logs/zmn/old stuff/-mvLp/data.txt
sarah@james:/home/shared/chatlogs$ cat LpnQ (2020-08-13) Sarah: Hey Lucy, what happened to the database server? It is completely down now!
(2020-08-13) Lucy: Yes, I believe we have had a problem. I will need to investigate but for now there will be downtime for who knows how long.
(2020-08-13) Sarah: That is a shame, I needed to refer to a customer’s record due to them being unhappy with our service yesterday.
(2020-08-13) Lucy: if you ask Sameer, he may be able to help you find the back-up database copy we made a few hours ago?
(2020-08-13) Sarah: Of course, he is one of the sql developers around here in charge of the database creation, I will ask him in a few minutes. Thank you.
(2020-08-13) Lucy: No problem. By the way, our new security engineer may have accidently stored the SSH password of one of our employees. I have no idea how to change it and he will not be back till tomorrow.
(2020-08-13) Sarah: That is a shame. I am sure we will all be fine till he returns. Do you know which employee it is?
(2020-08-13) Lucy: I think it may have affected James but I not entirely sure.
(2020-08-13) Sarah: That is terrible, but I am sure nothing will come of it, he will be back tomorrow.
(2020-08-13) Lucy: True. It is just a concern of mine because James is the only one with root access. But as you said, we should be ok. Talk to you later. Bye.
sarah@james:~$ cat /home/shared/chatlogs/Pqmr (2020-08-13) Sarah: Hey Sameer, do you by any chance no where I can find the sql back-up copy on this system? The database server is down, and I really need to help a customer out.
(2020-08-13) Sameer: Sure. let me check.
(2020-08-13) Sarah: Thanks.
(2020-08-13) Sameer: check the home/shared/sql/ directory. It should be in there with the date of today.
(2020-08-13) Sarah: Thank you Sameer.
(2020-08-13) Sameer: No problem. It probably is encrypted. Just use the password: danepon.
(2020-08-13) Sarah: OK, thank you.
(2020-08-13) Sameer: No problem
(2020-08-13) Sameer: By the way, if you have any issues just talk to Michael as I will be off for the remainder of the day. See you tomorrow. Bye.
(2020-08-13) Sarah: Bye.
SQL backup should be in /home/shared/sql/ and encrypted with the password
1 2 3 4 5 6 7 8 9 10 11 12 13 14
sarah@james:~$ cat /home/shared/chatlogs/KfnP (2020-08-13) Sarah: Michael, I have been having trouble accessing the sql database back-up copy made today. Sameer gave me the password, but it just will not work?
(2020-08-13) Michael: Ah, yes. I remember, the security engineer was testing out a new automated software for creating sql database backups. He must have configured it to encrypt the backups with a different password.
(2020-08-13) Sarah: So how can I get a hold of it?
(2020-08-13) Michael: Good question. From what I remember the test program utilised a configuration file around 50mb. It is located inside the home/shared/sql/conf directory. This configuration file contained the directory location of a wordlist it used to randomly select a password from for encrypting the sql back-up copies with.
(2020-08-13) Sarah: I do not really understand the last part?
(2020-08-13) Michael: once you find the configuration file and consequently the wordlist directory, visit it. One of those wordlists must contain the password it used for the testing. All I remember is that the password began with ebq. You will need Sameer’s account. His SSH password is: thegreatestpasswordever000.
(2020-08-13) Sarah: Thank you, I will try to find it.
password of /home/shared/sql/2020-08-13.zip.gpg is not danepon
the config file is in /home/shared/sql/conf and is about 50mb
the config file contains the wordlist directory
the SQL backup password start with ebq
Sameer's SSH password: thegreatestpasswordever000
What is the password for the sql database back-up copy
Find the config file:
1 2 3 4 5 6 7 8 9 10
sameer@james:~$ find /home/shared/sql/ -type f -size 50M /home/shared/sql/conf/JKpN
The SSH password of James is written instead of his lastname.
SSH as james and change the user to root?
James has root permission through sudo:
1 2 3 4 5 6 7
james@james:~$ sudo -l [sudo] password for james: Matching Defaults entries for james on james: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
User james may run the following commands on james: (ALL : ALL) ALL