I do recommend Over The Wire Bandit because it is great at building up in difficulty and giving hints, so even new users of Linux will have fun. This is NOT a walkthrough; I'm using the challenges to explain some of the Linux command line.
The basic idea is to find the password to the next user.
I'm only going to explain the ones I found interesting. You will notice I do it in a much harder way than is necessary. When I have time, my approach to learning is to add speed bumps so I can better understand the problem and learn more. For these exercises my speed bump is to display the password using only one command.
Spaces in file names
Having spaces in file names is a recurring attack vector for Microsoft Windows and other operating systems (http://cwe.mitre.org/data/definitions/428.html). My response has been to never use spaces in file and directory names.
There are two ways to solve this one.
$ cat 'spaces in this filename'
$ cat spaces\ in\ this\ filename
The first is to quote the file name so it is treated as a single string. The shell then does not split it on spaces into separate command-line arguments.
The second is what you get when you use TAB completion in the terminal. It automatically adds escape characters (backslashes) so the spaces are not treated as separators.
I mention this because when I'm teaching someone about using the terminal I put a lot of stress on using TAB completion. TAB completion tells you if your syntax is correct and helps to avoid these types of mistakes.
Human readable
The goal is to get the file that is human readable, or with contents of ASCII text. The basis of this is the "file" command which returns the path and what type of data is in the file, separated by a colon.
$ cat $(file ./inhere/-fi* | egrep -i 'ascii' | cut -d : -f 1)
Piping a path into "cat" does not work here, because "cat" treats piped input as data to print rather than as a file name. So we use "$()" to run some additional commands and return a path for "cat" to display the contents of.
The "file ./inhere/-fi* " says to look in the "inhere" directory and execute "file" for every file name that starts with "-fi".
The "egrep -i 'ascii'" command takes the list from "file" (because of the pipe "|") and keeps the line containing "ascii", matched case-insensitively (-i).
The "cut -d : -f 1" command takes the line from egrep (because of the pipe "|"), splits it on the delimiter (-d), which is a colon (:), and cuts out the first field (-f 1) to send to stdout.
The command "cat" receives the stdout as a path to a file to display the contents.
ASCII in long line
I mention this one to introduce a little bit of regular expressions. You may have noticed I always use "egrep", which is grep with extended regular expressions, the same as "grep -E". This challenge gives a hint that the file is 1033 bytes, which is enough to isolate one file. Next we need to isolate the ASCII text in the massive line the file contains.
$ egrep -i '[a-z]*[0-9]*[a-z]' $(find . -size 1033c)
The next argument is "$(find . -size 1033c)". The "$()" tells Bash to run what's inside the parentheses first and use the results in its place.
The "find . -size 1033c" means find in this current directory recursively (.) a file that is 1033 bytes (-size 1033c). The "c" means character, which is one byte.
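Added example (not from the original post): the unquoted "$()" in the one-liners above is split on whitespace by the shell, which is the same problem described under "Spaces in file names". The script builds a constructed 1033-byte file with spaces in its name (file names, contents and function names are assumptions made for this demo) and compares the unquoted form, the quoted form, and "find -exec".

```shell
#!/bin/sh
# Constructed demo data: a temp dir holding one 1033-byte file with spaces in its name.
make_demo_dir() {
    d=$(mktemp -d) || return 1
    # 1023 '#' filler bytes + newline + 9-byte sample text = 1033 bytes
    { printf '%1023s' '' | tr ' ' '#'; printf '\nsample42x'; } > "$d/pass word file"
    printf 'decoy\n' > "$d/other"
    printf '%s\n' "$d"
}

# The post's form: unquoted $(find ...). The shell splits the path on spaces,
# so the command receives several bogus arguments instead of one path.
unquoted_argc() {
    ( cd "$1" && set -- $(find . -size 1033c) && echo "$#" )
}

# Quoted form: the path stays one argument. This still breaks if find
# returns more than one file, because all paths end up in one string.
quoted_argc() {
    ( cd "$1" && set -- "$(find . -size 1033c)" && echo "$#" )
}

# The post's egrep one-liner with grep -E: fails on the file name with spaces.
search_unquoted() {
    ( cd "$1" && grep -hiE '[a-z]*[0-9]*[a-z]' $(find . -size 1033c) 2>/dev/null )
}

# Robust form: find hands each path to grep itself, so no shell word
# splitting happens, whatever characters the file name contains.
search_safe() {
    find "$1" -type f -size 1033c -exec grep -hiE '[a-z]*[0-9]*[a-z]' {} +
}

demo=$(make_demo_dir)
echo "arguments seen, unquoted: $(unquoted_argc "$demo")"
echo "arguments seen, quoted:   $(quoted_argc "$demo")"
echo "unquoted search output:   '$(search_unquoted "$demo" || true)'"
echo "find -exec search output: '$(search_safe "$demo")'"
rm -rf "$demo"
```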