Cyber Security / Ethical Hacking
  • Prologue
  • CTF/OSCP Prep
    • Fundamentals
      • Linux
        • Basics
        • Bash Scripting
      • Windows
        • Basics
        • PowerShell
          • Scripting
        • CMD
      • Kali Survivor Skills
    • Information Gathering
      • Passive Recon
      • Active Recon
    • Enumeration
      • Common Ports
      • Vulnerability Analysis
    • Exploitation
      • Shells
  • Binary Exploitation / Exploit Development
    • Useful tools and techniques for Binary Exploitation
    • Shellcoders Handbook
      • Chapter 2 - Stack Overflows
        • Linux Buffer Overflow With Command Injection
        • Linux Buffer Overflow Without Shellcode
      • Chapter 3 - Shellcode
  • TryHackMe
    • Linux Fundamentals
      • Linux Challenges
      • RP: tmux
      • Common Linux Privesc
    • Advent of Cyber
      • Inventory Management
      • Arctic Forum
      • Evil Elf
      • Training
      • Ho-Ho-Hosint
      • Data Elf-iltration
      • Skilling Up
      • SUID Shenanigans
      • Requests
      • Metasploit-a-ho-ho-ho
      • Elf Applications
      • Elfcryption
      • Accumulate
      • Unknown Storage
    • Web Application Security
      • Web Fundamentals
      • Juice Shop
      • WebAppSec 101
    • Linux Privesc Playground
    • Intro to x86-64
    • Ninja Skills
    • CC: Radare2
    • Reversing ELF
    • Intro to Python
    • ToolsRus
  • Programming
    • Python
      • Simple TCP Port Scanner/ Banner Grabber
      • Botnet
      • Keylogger
      • Nmap Scanner
    • Golang
      • Execute Commands
      • MAC changer
      • TCP Port Scanner
      • TCP Port Scanner (improved with goroutines)
      • GoNmap Scanner
  • Protostar
    • Stack 0
    • Stack 1
    • Stack 2
  • Web App Pentesting
    • Recon
    • Authentication (Portswigger Academy)
      • Vulnerabilities in password-based login
        • Username Enumeration via different responses
        • Username enumeration via subtly different responses
        • Username enumeration via response timing
        • Broken brute-force protection, IP block
        • Username enumeration via account lock
        • Broken brute-force protection, multiple credentials per request
      • Vulnerabilities in multi-factor authentication
        • 2FA simple bypass
        • 2FA Broken Logic
        • 2FA bypass using a brute-force attack
      • Vulnerabilities in other authentication mechanisms
    • Broken Acess Controls
      • Insecure direct object references (IDOR)
        • Insecure direct object references lab
  • HackTheBox
    • Active
      • Untitled
      • Blunder
Powered by GitBook
On this page
  • [Task 1] Introduction
  • [Task 2] The Basics
  • [Task 3] Linux Functionality
  • [Task 4] Data Representation, Strings and Permissions
  • [Task 5] SQL, FTP, Groups and RDP

Was this helpful?

  1. TryHackMe
  2. Linux Fundamentals

Linux Challenges

PreviousLinux FundamentalsNextRP: tmux

Last updated 5 years ago

Was this helpful?

[Task 1] Introduction

How many visible files can you see in garrys home directory?

A: 3

[Task 2] The Basics

#1 What is flag 1?

#2 Log into bob's account using the credentials shown in flag 1.

What is flag 2?

#3 Flag 3 is located wherer bob's bash history gets stored.

#4 Flag 4 is located where cron jobs are created.

#5 Find and retrieve flag 5.

#6 "Grep" through flag 6 and find the flag. The first 2 characters of the flag is c9.

#7 Look at the systems processes. What is flag 7.

#8 De-compress and get flag 8.

#9 By look in your hosts file, locate and retrieve flag 9.

#10 Find all other users on the system. What is flag 10.

[Task 3] Linux Functionality

#1 Run the command flag11. Locate where your command alias are stored and get flag 11.

#2 Flag12 is located where MOTD's are usually found on an Ubuntu OS. What is flag12?

#3 Find the difference between two script files to find flag 13.

#4 Where on the file system are logs typically stored? Find flag 14.

#5 Can you find information about the system, such as the kernel version etc. Find flag 15.

#6 Flag 16 lies within another system mount.

#7 Login to alice's account and get flag 17.

#8 Find the hidden flag 18.

#9 Read the 2345th line of the file that contain flag 19.

[Task 4] Data Representation, Strings and Permissions

#1 Find and retrieve flag 20.

#2 Inspect the flag21.php file. Find the flag.

#3 Locate and read flag 22. Its represented as hex.

#4 Locate, read and reverse flag 23.

#5 Analyze the flag 24 compiled C program. Find a command that might reveal human readable strings when looking in the source code.

#7 Find flag 26 by searching the all files for a string that begins with 4bceb and is 32 characters long.

#8 Locate and retrieve flag 27, which is owned by the root user.

#9 Whats the Linux kernel version?

#10 Find the file called flag 29 and do the following operations on it:

  1. Remove all spaces in file.

  2. Remove all new lines spaces.

  3. Split by comma and get the last element in the split.

[Task 5] SQL, FTP, Groups and RDP

#1 Use curl to find flag 30

#2 Flag 31 is a MySQL database name.

MySQL username: root MySQL password: hello

#3 Bonus flag question, get data out of the table from the database you found above!

#4 Using SCP, FileZilla or another FTP client download flag32.mp3 to reveal flag 32.

#5 Flag 33 is located where your personal $PATH's are stored.

#6 Switch your account back to bob. Using system variables, what is flag34?

#7 Look at all groups created on the system. What is flag 35?

#8 Find the user which is apart of the "hacker" group and read flag 36.