Linux Fundamentals Part 3

Power-up your Linux skills and get hands-on with some common utilities that you are likely to use day-to-day!

@official link of the room.

TASK 1 - INTRODUCTION

Q1) Let's proceed! [ No Answer Needed ]

TASK 2 - Deploy Your Linux Machine

Use The Following Credentials:

Username: tryhackme | Password: tryhackme

Q1) I've logged into the Linux Fundamentals Part 3 machine using SSH and have deployed the AttackBox successfully! [ No Answer Needed ]

TASK 3 - Terminal Text Editors

Remember This :

There are a few options that you can use, all with a variety of friendliness and utility. This task is going to introduce you to nano but also show you an alternative named VIM (which TryHackMe has a room dedicated to!)

Editor name - Explanation

  • nano - It is easy to get started with Nano! To create or edit a file using nano, we simply use nano filename -- replacing "filename" with the name of the file you wish to edit.

  • vim - VIM is a much more advanced text editor. Whilst you're not expected to know all advanced features, it's helpful to mention it for powering up your Linux skills.

Q1) Create a file using Nano [ No Answer Needed ]

Q2) Edit "task3" located in "tryhackme"'s home directory using Nano. What is the flag? [ T**{************} ]

TASK 4 - General & Useful Utilities

Remember This :-

Command Name - Explanation

  • wget - This command allows us to download files from the web via HTTP -- as if you were accessing the file in your browser. Example:

    wget https://assets.tryhackme.com/additional/linux-fundamentals/part3/myfile.txt

  • scp - Secure copy, or SCP, is just that -- a means of securely copying files. Unlike the regular cp command, this command allows you to transfer files between two computers using the SSH protocol to provide both authentication and encryption. Example:

    scp important.txt ubuntu@192.168.1.30:/home/ubuntu/transferred.txt

  • python3 -m http.server - Python3's "HTTPServer" will serve the files in the directory where you run the command, but this can be changed by providing options that can be found in the manual pages.

Q1) & Q2) [ No Answer Needed ]

Download the file ' http://ip_address:8000/.flag.txt ' onto the TryHackMe AttackBox

Q3) What are the contents? [ T**{**************} ]

We get '.flag.txt' with the help of 'wget'.
Yay! We got the flag.

Create and download files to further apply your learning -- see how you can read the documentation on Python3's "HTTPServer" module.

Q4) Use Ctrl + C to stop the Python3 HTTPServer module once you are finished. [ No Answer Needed ]

TASK 5 - Process 101

Remember This :-

Command - Explanation

  • ps - We can use the friendly ps command to provide a list of the running processes in our user's session, along with some additional information such as each process's status code, the session that is running it, how much CPU time it is using, and the name of the actual program or command that is being executed.

  • ps aux - To see the processes run by other users and those that don't run from a session (i.e. system processes), we need to provide aux to the ps command like so: ps aux

  • top - top gives you real-time statistics about the processes running on your system instead of a one-time view. These statistics will refresh every 10 seconds, but will also refresh when you use the arrow keys to browse the various rows.

  • systemctl - This command allows us to interact with the systemd process/daemon. Format: systemctl [option] [service]

  • kill - To kill a command, we can use the appropriately named kill command and the associated PID that we wish to kill. i.e., to kill PID 1337, we'd use kill 1337.

  • & - This command helps us to run a command in the background. We can use Ctrl + Z on our keyboard to background a process.

  • fg - The fg command is used to bring a background process back into use on the terminal.

Signals that kill can send to a process:

  • SIGTERM - Kill the process, but allow it to do some cleanup tasks beforehand

  • SIGKILL - Kill the process - doesn't do any cleanup after the fact

  • SIGSTOP - Stop/suspend a process
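
The difference between SIGTERM and SIGKILL can be observed directly. The script below is an added example, not part of the room's material: it starts a worker in the background with &, sends it a signal with kill, and checks whether the worker's cleanup step ran. The function names and the marker file are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example (not from the room): SIGTERM lets a process run its cleanup
# handler, SIGKILL terminates it before any handler can run.

# Start a worker in the background with "&". Its SIGTERM handler writes a
# marker file (standing in for a cleanup task) and exits.
start_worker() {
    marker=$1
    (
        trap 'echo cleaned > "$marker"; exit 0' TERM
        while :; do sleep 1; done
    ) >/dev/null 2>&1 &
    WORKER_PID=$!   # PID of the background worker, as used by kill
    sleep 1         # give the worker time to install its handler
}

# Send SIGNAL (TERM or KILL) to a fresh worker and report whether the
# cleanup handler ran.
signal_test() {
    dir=$(mktemp -d)
    start_worker "$dir/cleaned"
    kill -s "$1" "$WORKER_PID"
    wait "$WORKER_PID" 2>/dev/null || true
    if [ -f "$dir/cleaned" ]; then result=cleanup; else result=no-cleanup; fi
    rm -rf "$dir"
    echo "$result"
}

echo "SIGTERM: $(signal_test TERM)"
echo "SIGKILL: $(signal_test KILL)"
```

The worker only notices SIGTERM once its current sleep finishes, so the first test can take up to a second longer than the second one.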

Q1) Read me! [ No Answer Needed ]

Q2) If we were to launch a process where the previous ID was "300", what would the ID of this new process be? [ 3** ] (HINT :- 1 + prev id)

Q3) If we wanted to cleanly kill a process, what signal would we send it? [ S****** ] (HINT :- read 'remember this' section properly)

Q4) Locate the process that is running on the deployed instance (ip_addr). What flag is given? [ T**{*********} ]

Yay! We got the flag.

Q5) What command would we use to stop the service "myservice"? [ systemctl **** myservice ]

Q6) What command would we use to start the same service on the boot-up of the system? [ systemctl ****** myservice ] (HINT :- check out its 'man/help' page)

Q7) What command would we use to bring a previously backgrounded process back to the foreground? [ ** ] (HINT :- read 'remember this' section properly)

TASK 6 - Maintaining Your System : Automation

Remember this :-

Process - Explanation

  • crontab - Crontab is one of the processes that is started during boot, which is responsible for facilitating and managing cron jobs.

A crontab is simply a special file with formatting that is recognised by the cron process to execute each line step-by-step. Crontabs require 6 specific values:

Value - Description

  • MIN - What minute to execute at

  • HOUR - What hour to execute at

  • DOM - What day of the month to execute at

  • MON - What month of the year to execute at

  • DOW - What day of the week to execute at

  • CMD - The actual command that will be executed.

Crontabs can be edited by using crontab -e, where you can select an editor (such as Nano) to edit your crontab.
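
When reviewing a crontab, it helps to split each entry into the six values above and confirm the schedule values are in range. The script below is an added example, not part of the room's material; it handles only the six-value form with numeric schedule values, and the function names, sample entries and script path are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the room): split a crontab entry into
# MIN HOUR DOM MON DOW CMD and range-check the five schedule values.

in_range() {    # in_range N MIN MAX: N is a whole number within MIN..MAX
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

field_ok() {    # field_ok VALUE MIN MAX: accepts *, */N, N, N-M and comma lists
    case $1 in
        '*')   return 0 ;;
        '*/'*) in_range "${1#??}" 1 "$3" ;;
        *,*)   field_ok "${1%%,*}" "$2" "$3" && field_ok "${1#*,}" "$2" "$3" ;;
        *-*)   in_range "${1%%-*}" "$2" "$3" && in_range "${1#*-}" "$2" "$3" ;;
        *)     in_range "$1" "$2" "$3" ;;
    esac
}

describe_cron() {   # prints the labelled values, or the first problem found
    # read splits on whitespace; the last variable (cmd) takes the rest.
    read -r min hour dom mon dow cmd <<EOF
$1
EOF
    [ -n "$cmd" ] || { echo "invalid: fewer than 6 values"; return 1; }
    field_ok "$min"  0 59 || { echo "invalid MIN: $min";   return 1; }
    field_ok "$hour" 0 23 || { echo "invalid HOUR: $hour"; return 1; }
    field_ok "$dom"  1 31 || { echo "invalid DOM: $dom";   return 1; }
    field_ok "$mon"  1 12 || { echo "invalid MON: $mon";   return 1; }
    field_ok "$dow"  0 7  || { echo "invalid DOW: $dow";   return 1; }
    echo "MIN=$min HOUR=$hour DOM=$dom MON=$mon DOW=$dow CMD=$cmd"
}

# Constructed sample entries; the backup script path is hypothetical.
while IFS= read -r line; do
    describe_cron "$line" || true
done <<'EOF'
30 2 * * 1-5 /usr/local/bin/backup.sh --full
*/15 0,12 1 * * /bin/true
61 2 * * * /bin/true
EOF
```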

Q1) Ensure you are connected to the deployed instance and look at the running crontabs. [ No Answer Needed ]

Q2) When will the crontab on the deployed instance (ip_addr) run? [ @r***** ]

TASK 7 - Maintaining Your System : Package Mgmt

Remember This :-

Command - Explanation

  • apt - Normally we use the apt command to install software onto our Ubuntu system. The apt command is a part of the package management software also named apt. Apt contains a whole suite of tools that allows us to manage the packages and sources of our software, and to install or remove software at the same time.

Q1) Since TryHackMe instances do not have an internet connection...this task only requires you to read through the material. [ No Answer Needed ]

TASK 8 - Maintaining Your System : Logs

Remember This :-

I have highlighted some logs from three services running on an Ubuntu machine:

  • An Apache2 web server

  • Logs for the fail2ban service, which is used to monitor attempted brute forces, for example

  • The UFW service which is used as a firewall

The two types of log files below are of interest:

  • access log

  • error log

There are, of course, logs that store information about how the OS is running itself and actions that are performed by users, such as authentication attempts.
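
An access log answers questions such as who visited the site and what they requested. The script below is an added example, not part of the room's material: it reads lines in Apache's combined log format and reports the client IP, method, path and status of each request, plus a per-client hit count. The log lines are constructed and use documentation IP ranges; the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the room): summarise an Apache access log.

# Constructed sample lines in Apache's combined log format.
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /missing.html HTTP/1.1" 404 196 "-" "curl/8.0"
192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /about.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
EOF
}

# One line per request: client IP, method, requested path, status code.
# Splitting on the double quote keeps the fields aligned even when the
# request line is malformed or just "-".
requests() {
    awk -F'"' '{
        split($1, head, " ")        # head[1] = client IP
        n = split($2, req, " ")     # req[1] = method, req[2] = path
        split($3, tail, " ")        # tail[1] = status code
        print head[1], (n >= 1 ? req[1] : "-"), (n >= 2 ? req[2] : "-"), tail[1]
    }'
}

# Number of requests per client IP, busiest first.
hits_per_client() {
    awk '{ hits[$1]++ } END { for (ip in hits) print hits[ip], ip }' |
        sort -k1,1nr -k2,2
}

# Requests the server answered with an error status (400 and above).
failed_requests() {
    requests | awk '$4 >= 400'
}

sample_log | requests
sample_log | hits_per_client
```

On an Ubuntu machine the functions can be fed the real log instead of the sample, for example requests < /var/log/apache2/access.log (the default location, which may differ on other setups).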

Q1) Look for the apache2 logs on the deployable Linux machine [ No Answer Needed ]

Q2) What is the IP address of the user who visited the site? [ 10.*.***.*** ]

Q3) What file did they access? [ c**********.*** ]

TASK 9 - Conclusions & Summaries

Q1) & Q2) [ No Answer Needed ]

END
