Task 1: Introduction
no answer needed
Task 2: Deploy Your Linux Machine
Use the command ssh username@MachineIP, then enter the password, to access the machine remotely.
Task 3: Terminal Text Editors
Nano text editor:
To create or edit a file, use the command nano file_name
VIM
a) Create a file using Nano
use command: nano myfile
b) Edit “task3” located in “tryhackme”’s home directory using Nano. What is the flag?
THM{TEXT_EDITORS}
Task 4: General/Useful Utilities
— Downloading files:
Use the wget command; it supports the HTTP, HTTPS, and FTP protocols.
wget http://example.com/filesfolder/file_to_download.txt
— Transferring Files From Your Host — SCP (SSH)
SCP (secure copy) differs from a normal copy (cp) in that it uses the SSH protocol to transfer files between two computers, and hence provides authentication and encryption.
- Copying files & directories from your current system to a remote system
syntax:
scp file_to_be_copied.txt RemoteHostUsername@RemoteHostIP:/home/usernameRemote/copy_into_this_file.txt
file_to_be_copied.txt is the file on the local system
copy_into_this_file.txt is the destination file on the remote system
- Copying files & directories from a remote system to your current host
syntax:
scp remoteUsername@IP:/home/UsernameRemote/File_on_remote.txt file_on_local.txt
— Serving Files From Your Host — WEB
Host a web server by running python3 -m http.server in one terminal
In another terminal, use wget to download the file that the server is hosting
a) Ensure you are connected to the deployed instance (MACHINE_IP)
no answer needed
b) Now, use Python 3’s “HTTPServer” module to start a web server in the home directory of the “tryhackme” user on the deployed instance
Download the file http://MACHINE_IP:8000/.flag.txt onto the TryHackMe AttackBox
c) What are the contents?
THM{WGET_WEBSERVER}
d) Create and download files to further apply your learning — see how you can read the documentation on Python3’s “HTTPServer” module.
Use Ctrl + C to stop the Python3 HTTPServer module once you are finished.
no answer needed
Task 5: Processes 101
To view the list of processes running in the current user session, use the command ps
To view the list of processes run by other users, use the command ps aux
top command: it shows summary information about the system, along with the list of processes or threads currently managed by the Linux kernel. It is refreshed every 10 sec.
— Managing Processes
kill command: sends signals that terminate processes
syntax: kill processID
- SIGTERM — Allow the process to do some cleanup tasks & then kill it.
- SIGKILL — Do not do any cleanup and just kill the process.
- SIGSTOP — Stop or suspend a process
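The difference between SIGTERM and SIGKILL listed above, as an added example that is not part of the original write-up: a worker process holds a temporary lock file and removes it in its SIGTERM handler. The function name signal_demo and the file names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: what "cleanup" means for SIGTERM vs SIGKILL.
# signal_demo and the temporary file names are hypothetical.

# Start a worker that owns a lock file, send it the given signal,
# and report whether the lock file was cleaned up afterwards.
signal_demo() {
    sig=$1
    lock=$(mktemp)           # state the worker should remove on exit
    ready="$lock.ready"      # handshake: handler is installed

    sh -c '
        # SIGTERM can be trapped, so the worker gets to clean up.
        # SIGKILL cannot be trapped; no handler ever runs for it.
        trap "rm -f \"$1\"; exit 0" TERM
        : > "$2"
        # The trap fires once the current sleep returns.
        while :; do sleep 1; done
    ' worker "$lock" "$ready" >/dev/null 2>&1 &
    pid=$!

    # Do not signal before the handler exists.
    while [ ! -e "$ready" ]; do sleep 1; done

    kill -s "$sig" "$pid"
    wait "$pid" 2>/dev/null || true   # reap; status is non-zero after KILL

    if [ -e "$lock" ]; then
        result="left behind"
    else
        result="cleaned up"
    fi
    rm -f "$lock" "$ready"
    echo "$result"
}

echo "SIGTERM: lock file $(signal_demo TERM)"
echo "SIGKILL: lock file $(signal_demo KILL)"
```

Stale lock files, half-written output and unreleased resources after a SIGKILL are why SIGTERM is the signal to try first.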
— Getting Processes/Services to Start on Boot
syntax: systemctl [option] [service]
The options are start, stop, enable, disable
The service can be, for example, an Apache server.
→ To run a process in the background, use the & operator or press Ctrl + Z after the command
→ To bring the process to the foreground, use the fg command.
a) Read me — mark as complete
b) If we were to launch a process where the previous ID was “300”, what would the ID of this new process be?
301
c) If we wanted to cleanly kill a process, what signal would we send it?
SIGTERM
d) Locate the process that is running on the deployed instance (MACHINE_IP). What flag is given?
THM{PROCESSES}
e) What command would we use to stop the service “myservice”?
systemctl stop myservice
f) What command would we use to start the same service on the boot-up of the system?
systemctl enable myservice
g) What command would we use to bring a previously backgrounded process back to the foreground?
fg
Task 6: Maintaining Your System: Automation
To edit the crontab, use the command crontab -e
cron and crontab are both processes. To interact with the cron process, use crontab. crontab is started during boot.
a) Ensure you are connected to the deployed instance and look at the running crontabs. — no answer needed
b) When will the crontab on the deployed instance (MACHINE_IP) run?
‘@reboot’ (use the crontab -e command to view it)
Task 7: Maintaining Your System: Package Management
No answer needed
Task 8: Maintaining Your System: Logs
→ The fail2ban service is used to monitor logs for attempted brute forces
→ The UFW service is used as a firewall
a) What is the IP address of the user who visited the site?
10.9.232.111
b) What file did they access?
catsanddogs.jpg
Task 9: Summaries and conclusion
no answer needed.