Skip to content

TryHackMe Writeups

Linuxfundamentalspart3

TryHackMe Writeups

Home
Crackthehash
Cyberadventtemplate
Template
25daysofchristmas
25daysofchristmas
- 25daysofchristmas
HackfinityBattle
HackfinityBattle
- HackfinityBattle
Adenumeration
Adenumeration
- Adenumeration
Adv3nt0fdbopsjcap
Adv3nt0fdbopsjcap
- Adv3nt0fdbopsjcap
Adventofcyber2
Adventofcyber2
- Adventofcyber2
Adventofcyber2023
Adventofcyber2023
- Adventofcyber2023
Adventofcyber2024
Adventofcyber2024
- Adventofcyber2024
Adventofcyber23sidequest
Adventofcyber23sidequest
- Adventofcyber23sidequest
Agentsudoctf
Agentsudoctf
- Agentsudoctf
Anonymous
Anonymous
- Anonymous
Auditingandmonitoringse
Auditingandmonitoringse
- Auditingandmonitoringse
Authenticationbypass
Authenticationbypass
- Authenticationbypass
Blaster
Blaster
- Blaster
Blue
Blue
- Blue
Bof1
Bof1
- Bof1
Breachingad
Breachingad
- Breachingad
Breakrsa
Breakrsa
- Breakrsa
Burpsuitebasics
Burpsuitebasics
- Burpsuitebasics
Burpsuiteintruder
Burpsuiteintruder
- Burpsuiteintruder
Burpsuiteom
Burpsuiteom
- Burpsuiteom
Burpsuiterepeater
Burpsuiterepeater
- Burpsuiterepeater
Codeanalysis
Codeanalysis
- Codeanalysis
Commonlinuxprivesc
Commonlinuxprivesc
- Commonlinuxprivesc
Contentdiscovery
Contentdiscovery
- Contentdiscovery
Cowboyhacker
Cowboyhacker
- Cowboyhacker
Crackthehash
Crackthehash
- Crackthehash
Cryptographyintro
Cryptographyintro
- Cryptographyintro
Cybergovernanceregulation
Cybergovernanceregulation
- Cybergovernanceregulation
Dastzap
Dastzap
- Dastzap
Dataxexfilt
Dataxexfilt
- Dataxexfilt
Easyctf
Easyctf
- Easyctf
Encryptioncrypto101
Encryptioncrypto101
- Encryptioncrypto101
Enumerationpe
Enumerationpe
- Enumerationpe
Exploitingad
Exploitingad
- Exploitingad
Fileinc
Fileinc
- Fileinc
Hydra
Hydra
- Hydra
Ice
Ice
- Ice
Intronetworksecurity
Intronetworksecurity
- Intronetworksecurity
Johntheripper0
Johntheripper0
- Johntheripper0
Kenobi
Kenobi
- Kenobi
Lateralmovementandpivoting
Lateralmovementandpivoting
- Lateralmovementandpivoting
Linprivesc
Linprivesc
- Linprivesc
Linuxfundamentalspart1
Linuxfundamentalspart1
- Linuxfundamentalspart1
Linuxfundamentalspart2
Linuxfundamentalspart2
- Linuxfundamentalspart2
Linuxfundamentalspart3
Linuxfundamentalspart3
- Linuxfundamentalspart3 Linuxfundamentalspart3
  Table of contents
  - Table of contents
    
    Terminal Text Editors
    
    General/Useful Utilities
    
    Processes 101
    
    Maintaining Your System: Automation
    
    Maintaining Your System: Logs
Linuxprivesc
Linuxprivesc
- Linuxprivesc
Linuxsystemhardening
Linuxsystemhardening
- Linuxsystemhardening
Malmalintroductory
Malmalintroductory
- Malmalintroductory
Metasploitexploitation
Metasploitexploitation
- Metasploitexploitation
Meterpreter
Meterpreter
- Meterpreter
Netsecchallenge
Netsecchallenge
- Netsecchallenge
Ohsint
Ohsint
- Ohsint
Operatingsystemsecurity
Operatingsystemsecurity
- Operatingsystemsecurity
Owaspjuiceshop
Owaspjuiceshop
- Owaspjuiceshop
Owasptop102021
Owasptop102021
- Owasptop102021
Passwordattacks
Passwordattacks
- Passwordattacks
Persistingad
Persistingad
- Persistingad
Picklerick
Picklerick
- Picklerick
Postexploit
Postexploit
- Postexploit
Powershell
Powershell
- Powershell
Printerhacking101
Printerhacking101
- Printerhacking101
Redteamrecon
Redteamrecon
- Redteamrecon
Rpnessusredux
Rpnessusredux
- Rpnessusredux
Rrootme
Rrootme
- Rrootme
Sast
Sast
- Sast
Seriskmanagement
Seriskmanagement
- Seriskmanagement
Shodan
Shodan
- Shodan
Sql injection
Sql injection
- Sql injection
Steelmountain
Steelmountain
- Steelmountain
Thelayoftheland
Thelayoftheland
- Thelayoftheland
Threatmodelling
Threatmodelling
- Threatmodelling
Traverse
Traverse
- Traverse
Uploadvulns
Uploadvulns
- Uploadvulns
Vulnerabilitycapstone
Vulnerabilitycapstone
- Vulnerabilitycapstone
Vulnerabilitymanagementkj
Vulnerabilitymanagementkj
- Vulnerabilitymanagementkj
Vulnversity
Vulnversity
- Vulnversity
Walkinganapplication
Walkinganapplication
- Walkinganapplication
Weaponization
Weaponization
- Weaponization
Winadbasics
Winadbasics
- Winadbasics
Windows10privesc
Windows10privesc
- Windows10privesc
Windowsfundamentals1
Windowsfundamentals1
- Windowsfundamentals
Windowsfundamentals2
Windowsfundamentals2
- Windowsfundamentals2
Windowsfundamentals3
Windowsfundamentals3
- Windowsfundamentals3
Windowslocalpersistence
Windowslocalpersistence
- Windowslocalpersistence
Windowsprivesc20
Windowsprivesc20
- Windowsprivesc20
Wiresharkpacketoperations
Wiresharkpacketoperations
- Wiresharkpacketoperations
Wiresharkthebasics
Wiresharkthebasics
- Wiresharkthebasics
Wonderland
Wonderland
- Wonderland

Linux Fundamentals Part 3 Banner

Linux Fundamentals Part 3 Logo

Linux Fundamentals Part 3

This guide contains the answer and steps necessary to get to them for the Linux Fundamentals Part 3 room.

Table of contents

Terminal Text Editors
General/Useful Utilities
Processes 101
Maintaining Your System: Automation
Maintaining Your System: Logs

Terminal Text Editors

Create a file using Nano.

To create a file with nano we use the following command:

nano textfile.txt

Create Nano File

Another method of creating and editing files is vim. More info can be found here.

Edit "task3" located in "tryhackme"'s home directory using Nano. What is the flag?

We can log into the system using ssh and the provided credentials using:

ssh tryhackme@10.10.181.62

Next we can edit the required file using:

nano task3

Edit File

Here we find our flag.

Click for answer
THM{TEXT_EDITORS}

General/Useful Utilities

Ensure you are connected to the deployed instance (MACHINE_IP)

Now, use Python 3's "HTTPServer" module to start a web server in the home directory of the "tryhackme" user on the deployed instance.

To start the http server on the target machine we use the following command:

python3 -m http.server

Download the file http://MACHINE_IP:8000/.flag.txt onto the TryHackMe AttackBox

What are the contents?

To download the file we use the following command after setting up the http server:

wget http://10.10.181.62:8000/.flag.txt
cat .flag.txt

Transfer File

Click for answer
THM{WGET_WEBSERVER}

Create and download files to further apply your learning -- see how you can read the documentation on Python3's "HTTPServer" module.

Use Ctrl + C to stop the Python3 HTTPServer module once you are finished.

Processes 101

If we were to launch a process where the previous ID was "300", what would the ID of this new process be?

The next process would have their pid incremented by 1.

Click for answer
301

If we wanted to cleanly kill a process, what signal would we send it?

This is one of the signals we can send with the kill command.

Click for answer
SIGTERM

Locate the process that is running on the deployed instance (MACHINE_IP). What flag is given?

To locate this process we use the ps aux command to list all running processes.

Flag Process

Click for answer
THM{PROCESSES}

What command would we use to stop the service "myservice"?

This is done with the systemctl command.

Click for answer
systemctl stop myservice

What command would we use to start the same service on the boot-up of the system?

This is also done with the systemctl command.

Click for answer
systemctl enable myservice

What command would we use to bring a previously backgrounded process back to the foreground?

This can be done with the fg command.

Click for answer
fg

Maintaining Your System: Automation

Ensure you are connected to the deployed instance and look at the running crontabs.

When will the crontab on the deployed instance (MACHINE_IP) run?

To view the existing cronjobs on the machine we can use:

crontab -e

Crontabs

Click for answer
@reboot

Maintaining Your System: Logs

Look for the apache2 logs on the deployable Linux machine

What is the IP address of the user who visited the site?

We can find the logs in /var/log/apache2 folder.

Looks like we don't have access to the log file. However, it looks like there is a backup of this file present in the same folder which we can view.

Logs

Click for answer
10.9.232.111

What file did they access?

In this same log file, we can see which file they accessed.

Click for answer
catsanddogs.jpg