Day 1
Basic unix commands
| Command | Description |
|---|
ls | Lists all files and directories |
ls -a | Lists hidden files as well |
cd | To change to a particular directory |
cd .. | Move one level up |
cat filename | Displays the file content |
Learn basic bash scripting from
- https://linuxconfig.org/bash-scripting-tutorial-for-beginners
- https://www.tutorialspoint.com/unix/shell_scripting.htm
- https://devhints.io/bash
- https://overthewire.org/wargames/bandit/
find
Find .bash_history in /home directory
1
| find /home -name .bash_history
|
Finding with grep
1
| find /home -name .bashrc -exec grep [PATTERN] {} \;
|
grep
1
| find . -name .bash_history -exec grep -A 1 '^xyzfindme' {} \;
|
^ for starting
/tmp
tmp folder may contain secrets
1
2
| ls -ld /tmp
drwxrwxrwt 1 root root 4096 Sep 15 13:10 /tmp
|
- d : directory
- rwx: read, write, executable
- t: sticky bit
1
2
3
4
| #unzip
gzip -d xyz.tgz
#uncompress tar
tar -xf xyz.tar
|
1
2
3
| #Decompress bzip tar file
#j if bzip
tar xvjf xyz.tbz
|
1
2
| #z if gz
tar xvzf file.tar.gz
|
1
2
| #uncompress bz2
bzip2 -d your-filename-here.bz2
|
file xyz can tell what file it is
strings extract strings from a file
Cronjob
you can find the cron jobs run daily in /etc/cron.daily/
1
2
3
4
| #!/bin/bash
tar -zcvf /tmp/backup.tgz /home/victim
openssl enc -aes256 -k PASS -in /tmp/backup.tgz -out /tmp/backup.tgz.enc
rm /tmp/backup.tgz
|
Reverse the process Using
1
2
3
4
| openssl aes-256-cbc -d -in backup.tgz.enc -out backup.tgz
enter aes-256-cbc decryption password:
#PASS
tar -xvzf backup.tgz
|
1
2
3
4
| #gunzip
cp backup test.gz
gunzip test.gz
tar -xvf test.gz
|
