TryHackMe Linux Fundamentals Part 3 Walkthrough
Hi, Hackers! In this blog post I will walk you through the third and final part of Linux Fundamentals. Linux is a must-have skill in a hacker's skillset. So buckle up and let's jump into the topic.
Room Link:
N.B.: The $ sign is placed before every command to show that the line is a command. It is not part of the command itself.
Terminal Text Editors:
The Linux CLI (Command Line Interface) has two popular text editors, nano and vim. nano is a very beginner-friendly editor, whereas vim is more of an expert's editor. Once you learn how vim works, it can be much more useful than nano. We will discuss vim another time, as there is a dedicated room for it on TryHackMe.
If you want to create or edit a file with nano,
$nano file
In nano, you can move your cursor with the "up" and "down" keys. Pressing "enter" will create a new line.
At the bottom of the editor, you will see some help.
"^" is ctrl in nano. Pressing ctrl+x will exit the editor.
ctrl+G is for "get help".
Nano has a few features that are easy to remember and cover the most general things you would want out of a text editor, including:
- Searching for text
- Copying and Pasting
- Jumping to a line number
- Finding out what line number you are on
VIM:
Some of VIM's benefits, albeit taking a much longer time to become familiar with, include:
- Customizable - you can modify the keyboard shortcuts to be of your choosing
- Syntax Highlighting - this is useful if you are writing or maintaining code, making it a popular choice for software developers
- VIM works on all terminals where nano may not be installed
- There are a lot of resources, such as cheatsheets and tutorials, available for you to use.
1. Create a file using Nano
Answer: No answer needed.
2. Edit "task3" located in "tryhackme"'s home directory using Nano. What is the flag?
Answer: THM{TEXT_EDITORS}
General/Useful Utilities:
Downloading Files:
You can download files with wget. This command allows us to download files from the web via HTTP -- as if you were accessing the file in your browser. All you have to do is give it the address of the file that you want to download.
$wget ............./file
To download YouTube videos:
$youtube-dl ......link......
Transferring Files From Your Host - SCP (SSH):
SCP(Secure Copy) is just a way of securely copying files. This command allows you to transfer files between two computers using the SSH protocol to provide both authentication and encryption.
Working on a model of SOURCE and DESTINATION, SCP allows you to:
- Copy files & directories from your current system to a remote system
- Copy files & directories from a remote system to your current system
To copy a file from your computer to a remote computer:
$scp important.txt ubuntu@192.168.32.1:/home/ubuntu/transfered.txt
To do the reverse (from the remote PC to your PC):
$scp ubuntu@192.168.32.1:/home/ubuntu/transfered.txt important.txt
Serving Files From Your Host-WEB:
Python has a module named HttpServer (invoked as http.server on the command line). With it you can start a quick web server and then download a file from any other PC. Remember to start the server in the directory where your file is, or else the file you want to transfer won't be found.
$python3 -m http.server 80
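Here, 80 is the port number. You can choose whichever port you want. Ports below 1024, such as 80, normally need root, and the server offers every file under the directory it was started in to anyone who can reach that port.
On the remote PC, someone just has to use the wget command.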
$wget http://ip:port/file
1. Ensure you are connected to the deployed instance (MACHINE_IP)
Answer: No answer needed.
2. Now, use Python 3's "HTTPServer" module to start a web server in the home directory of the "tryhackme" user on the deployed instance.
Answer: No answer needed.
3. What are the contents?
Answer: THM{WGET_WEBSERVER}
Create and download files to further apply your learning -- see how you can read the documentation on Python3's "HTTPServer" module.
4. Use Ctrl + C to stop the Python3 HTTPServer module once you are finished.
Answer: No answer needed.
Processes 101:
Processes are the programs that are running on your machine. They are managed by the kernel, where each process will have an ID associated with it, also known as its PID. The PID increments in the order in which processes start, i.e. the 60th process will have a PID of 60.
To see the processes running on your machine:
$ps
To see the processes run by other users:
$ps aux
Another useful command is top. It gives you real-time statistics about the processes running on your system instead of a one-time view. These statistics will refresh every 10 seconds, but will also refresh when you use the arrow keys to browse the various rows.
Managing Processes:
You can run a process on your machine and you can kill it too. To kill a process:
$kill 1250
Here, 1250 is the PID (Process ID).
Below are some of the signals that we can send to a process when it is killed:
- SIGTERM - Kill the process, but allow it to do some cleanup tasks beforehand
- SIGKILL - Kill the process - doesn't do any cleanup after the fact
- SIGSTOP - Stop/suspend a process
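The difference between SIGTERM and SIGKILL from the list above, as an added example that is not part of the original walkthrough: a background worker installs a cleanup handler, and the script shows that the handler runs for SIGTERM but not for SIGKILL. The function name stop_worker and the lock file are made up for the demo.

```shell
#!/bin/sh
# Added demo: SIGTERM can be trapped so cleanup runs; SIGKILL cannot.
# The lock file and temporary directory are constructed for this demo.

# stop_worker SIGNAL
#   Starts a background worker that owns a lock file, sends it SIGNAL
#   (TERM or KILL), and prints "cleaned" if the worker removed its lock
#   file before exiting, or "leftover" if the file is still there.
stop_worker() {
    sig=$1
    dir=$(mktemp -d)
    (
        # Cleanup handler: only runs for signals a process is allowed to catch.
        trap 'rm -f "$dir/lock"; exit 0' TERM
        : > "$dir/lock"
        : > "$dir/ready"             # tells the parent the trap is installed
        while :; do sleep 1; done
    ) >/dev/null 2>&1 &
    pid=$!                           # PID of the background worker

    while [ ! -e "$dir/ready" ]; do sleep 1; done
    kill -s "$sig" "$pid"            # same as: kill -TERM PID / kill -KILL PID
    wait "$pid" 2>/dev/null || true  # reap the worker, ignore its exit status

    if [ -e "$dir/lock" ]; then result=leftover; else result=cleaned; fi
    rm -rf "$dir"
    echo "$result"
}

echo "SIGTERM: $(stop_worker TERM)"
echo "SIGKILL: $(stop_worker KILL)"
```

A plain `kill PID` sends SIGTERM, which is why it is the one to try first.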
Getting Processes/Services to Start on Boot:
Some applications can be started on the boot of the system that we own. For example, web servers, database servers or file transfer servers. This software is often critical and is often told to start during the boot-up of the system by administrators.
To start a service with the systemctl command:
$systemctl [option] [service]
Let's start the apache2 server.
$systemctl start apache2
systemctl gives us four options:
- Start
- Stop
- Enable
- Disable
An Introduction to Backgrounding And Foregrounding in Linux:
Processes can run in two states: in the background and in the foreground.
To send a process to the background, all you have to do is put & at the end of the command.
$echo "TryHackMe" &
You can also send a running process to the background: press Ctrl+Z. Boom! It's in the bg.
To bring a process back to the foreground, use the fg command.
1. Read Me.
Answer: No answer needed.
2. If we were to launch a process where the previous ID was "300", what would the ID of this new process be?
Answer: 301
3. If we wanted to cleanly kill a process, what signal would we send it?
Answer: SIGTERM
4. Locate the process that is running on the deployed instance (MACHINE_IP). What flag is given?
Answer: THM{PROCESSES}
5. What command would we use to stop the service "myservice"?
Answer: systemctl stop myservice
6. What command would we use to start the same service on the boot-up of the system?
Answer: systemctl enable myservice
7. What command would we use to bring a previously backgrounded process back to the foreground?
Answer: fg
Maintaining Your System: Automation
If you want to schedule a script or action at a certain time, you have to know about crontab. crontab is one of the processes that is started during boot, which is responsible for facilitating and managing cron jobs. It's simply a special file with formatting that is recognised by the cron process to execute each line step by step. Crontabs require 6 specific values:
MIN 🠊 What minute to execute at
HOUR 🠊 What hour to execute at
DOM 🠊 What day of the month to execute at
MON 🠊 What month of the year to execute at
DOW 🠊 What day of the week to execute at
CMD 🠊 The actual command that will be executed
If you don't want to specify any of the above values, you can always use the wildcard, the asterisk (*) sign.
You can find crontab in /etc/crontab.
$cat /etc/crontab
You can edit a crontab with crontab -e.
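An added example, not from the original post or the TryHackMe room, that splits crontab lines into the fields listed above and also handles the @-style shortcuts such as @reboot. It assumes the per-user format shown by crontab -l; lines in /etc/crontab carry an extra user name between DOW and CMD. The function names and sample entries are constructed.

```shell
#!/bin/sh
# Added example: label the fields of user-crontab lines (crontab -l format).
# The sample entries below are constructed, not taken from any real system.

sample_crontab() {
    cat <<'EOF'
# nightly backup, Mondays at 02:30
SHELL=/bin/sh
30 2 * * 1 /usr/local/bin/backup.sh --full
@reboot /home/user/startup.sh
15 4 * * *
EOF
}

# explain_cron: read crontab lines on stdin, print one labelled line per job.
explain_cron() {
    # Default IFS makes read strip leading and trailing blanks from each line.
    while read -r line || [ -n "$line" ]; do
        case $line in
            ''|'#'*) ;;                       # blank line or comment
            [A-Za-z_]*=*) ;;                  # environment setting, not a job
            @*)                               # shortcut such as @reboot
                printf '%s\n' "$line" | {
                    read -r when cmd
                    printf 'WHEN=%s CMD=%s\n' "$when" "$cmd"
                } ;;
            *)                                # MIN HOUR DOM MON DOW CMD
                printf '%s\n' "$line" | {
                    read -r min hour dom mon dow cmd
                    if [ -z "$cmd" ]; then
                        printf 'INVALID (needs 5 time fields and a command): %s\n' "$line"
                    else
                        printf 'MIN=%s HOUR=%s DOM=%s MON=%s DOW=%s CMD=%s\n' \
                            "$min" "$hour" "$dom" "$mon" "$dow" "$cmd"
                    fi
                } ;;
        esac
    done
}

sample_crontab | explain_cron
```

To review your own jobs, run `crontab -l | explain_cron`.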
8. Ensure you are connected to the deployed instance and look at the running crontabs.
Answer: No answer needed.
9. When will the crontab on the deployed instance(MACHINE_IP) run?
Answer: @reboot
Maintaining Your System: Package Management
To update-
$apt-get update
To upgrade programs-
$apt-get upgrade
To remove a program-
$apt-get remove program
To remove unnecessary programs-
$apt-get autoremove
To delete every single sign of a program from your machine-
$apt-get purge program
To add a repository-
$add-apt-repository
To install a program-
$apt-get install program
Maintaining Your System: Logs
Every command you run in Linux is saved in .bash_history, and every service and application running on a machine is recorded in log files. Log files are saved in the /var/log folder. Who accessed which program and what was done is all recorded in a log file.
10. Look for the apache2 logs on the deployable Linux machine.
Answer: No answer needed.
11. What is the IP address of the user who visited the site?
Answer: 10.9.232.111
12. What file did they access?
Answer: catsanddogs.jpg
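One way to pull the visiting IP addresses and requested files out of an Apache access log, as an added example that is not part of the original walkthrough. The log lines are constructed sample data and the function names are made up for the illustration; on Debian and Ubuntu the real file is usually /var/log/apache2/access.log.

```shell
#!/bin/sh
# Added example: who requested what, from an Apache access log.
# The log lines are constructed sample data using documentation IP ranges.

sample_log() {
    cat <<'EOF'
192.0.2.10 - - [04/May/2021:18:53:11 +0000] "GET /index.html HTTP/1.1" 200 3380 "-" "Mozilla/5.0"
192.0.2.10 - - [04/May/2021:18:53:12 +0000] "GET /images/logo.png HTTP/1.1" 200 1204 "-" "Mozilla/5.0"
198.51.100.7 - - [04/May/2021:18:55:40 +0000] "GET /index.html HTTP/1.1" 200 3380 "-" "curl/7.68.0"
192.0.2.10 - - [04/May/2021:19:01:03 +0000] "GET /index.html HTTP/1.1" 200 3380 "-" "Mozilla/5.0"
198.51.100.7 - - [04/May/2021:19:02:17 +0000] "GET /missing.txt HTTP/1.1" 404 196 "-" "curl/7.68.0"
this line is not in access-log format
EOF
}

# summarize_access: read access-log lines on stdin and print
# "COUNT CLIENT_IP PATH STATUS", most frequent first.
summarize_access() {
    awk -F'"' '
        NF < 3 { next }                # no quoted request on the line: skip it
        {
            split($1, pre, " ")        # text before the request, IP comes first
            split($2, req, " ")        # the request: METHOD PATH PROTOCOL
            split($3, post, " ")       # text after the request, status first
            hits[pre[1] " " req[2] " " post[1]]++
        }
        END { for (k in hits) print hits[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

sample_log | summarize_access
```

On a real machine, feed it the log directly: `summarize_access < /var/log/apache2/access.log`.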
This is the end of Linux fundamentals. If you want to learn more, you should read Linux Basics For Hackers.
That's all for today. Happy Hacking!!!😊😊