Hello to all,
For the new post, I would like to share knowledge in Linux. You can do the challenges with me by entering this room. The room might look beginner for some player and might be more advance to some player.
When I was still doing this room, there are 1874 users (without being subscribed) just play and this room is just 88 days old
Before we start, I will brief a little bit about Linux for those who are new to the Operating System. Linux is a family of an open-source Unix like operating system where it will depend on the Linux Kernel. The first Linux has been released on the 17 September 1991 by Linux Torvalds.
I have completed the machine before posting this walkthrough but I will re-run the challenges just for the sharing purpose. The machine that I will be using for this activity would be Kali Linux via Vmware
Firstly, we need to deploy the machine for us to play with the challenges
We will be using a lot of the command “find” in the challenges, so it’s good for us to learn a little bit of find command
For answering the question about “What is the correct option for finding files based on group?”
The answer: -group
find /home/topson/workflows -type f -newermt 2016–09–11 ! -newermt 2016–09–13
If you found the flag until now, Well Done!
How would you rename a folder named -logs to -newlogs
How would you copy the file named encryption keys to the directory of /home/john/logs
Once successfully, you need to find any ‘special’ word in the large file.
We need to crack the password from another machine due to this machine cannot use john the ripper. Before cracking using john the ripper, we need to change gpg file to john file by using the command
gpg2john personal.txt.gpg > personal.txt
The command that used to crack the password would be something like
john –format=gpg –wordlist=/home/darknite/Desktop/data.txt personal,txt
mysql -u sarah -p
For us to gains access to SQL database, we need to set the source as source employees.sql
The next step is to execute the SQL command uses show databases; to show the available databases.
After we finally use the employee’s database, we need to execute SQL command such as use employees; and use show tables; in order to show the tables in this database
Moving on, we need to see if SQL database gives any valuable result by using the SQL command describe employees;
We have finally got nearer to the flag, we found that there’s a first_name matching Lobel in the employee’s table. As a result, we need to pull out all the details for Lobel by using the command
select * from employees where first_name like ‘Lobel’;
Final Challenges for this activity!
Firstly, we need to go to /home/shared/chatlogs/ and grep -iRl “Sameer”
SSH Sameer password is inside one of the files.
We need to enter the directory that got a huge size which is home/shared/sql/conf
and we notice that JKpN have fit the size of 50M and we need to read the file by less JKpN
We copy the hast and paste into a new file so that we can easily decrypt it by using the command base64 -d <new file>
LB/labmind/latestBuild/configBDB/ grep -iRl ebq
We have found a couple of wordlists that can be used for the password’s cracking. You can combine all three wordlist into one by using cat pLmjwi && cat LmqAQl && cat Ulpsmt >> wordlist.txt
We can filter the wordlist in the wordlist.txt file using the same command as grep -iRl ebq. This method will take some times to get the correct password for the SQL database back-up copy. Eventually, we will get ebqattle as the correct password
Let’s get the password for ‘James’ where you will repeat the step within the task 8 as follows:
mysql -u sarah -p (enter password for password)
select * from employees where first_name like ‘James’;
In the end, you will able to see the password has been used as last_name on database structure which leads to vuimaxcullings
Once we have gains the ssh password for James, let’s ssh to the server using James’ credentials as follows:
Now, let’s login as root by using the sudo su.
To get the root’s flag, we need to go to /root/ directory and ls -a in order to get the root.txt
Let’s see what been stored in root.txt
Happy Learning Guys!