Ninja Skills

Ninja Skills-THM 

The room asks you to write some basic scripts to find the solutions to its answers. The scripts shown here won't be the most visually beautiful ones, but they will get the job done. All the scripts require a file with the file names provided in the room, one per line. We'll refer to this file as "filelist". Let's move on to question one:

Which file is owned by the "best-group" group?

while read line
do

        echo $line;
        VAR1=$(find / -name "$line" -group "best-group"  2>/dev/null);
        echo $VAR1; 
done

This script, and all the following ones, should be launched as ./script1.sh < filelist (remember to chmod +x first)

This is an easy one, it asks find to search for each file in the filesystem and checks if it also matches the group requirement. 

Which of these files contains an IP address?

while read line
do
        echo $line;
        VAR1=$(find / -name "$line" -type f 2>/dev/null)
        grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" $VAR1 ; 
done

This sets VAR1 as the full path of each of the files, then reads the content of each one and checks for the presence of an IP address. The regex could be described as:"There should be one, two or three digits and a dot for THREE TIMES, and then only one, two or three digits. This doesn't actually check for the validity of the address (any of the triplets could also be 999 and this would still match, but read this post's header if you feel like complaining).

Which file has the SHA1 hash of 9d54da7584015647ba052173b84d45e8007eba94?

while read line
do
        echo $line;
        export VAR1=$(find / -name "$line" -type f 2>/dev/null);
        VAR2=$(sha1sum $VAR1 | cut -d " " -f1);
        echo $VAR2;
        if [ "$VAR2"  = '9d54da7584015647ba052173b84d45e8007eba94' ] 
        then
                echo "The file is $VAR1";
        fi
done

This one is similar to the other ones, and its flow should also be fairly clear. Get the full path to the file (as before), compute its hash and save it in a variable, then check if it matches the requested one (hard coded in the script, I know, ehw...).


Which file contains 230 lines?

This question shows a flaw in the machine. My find couldn't possibly show the location of the bny0 file, which is actually the one with 230 lines. Here I post the script I would have used to solve the challenge, although it isn't useful to find the answer in this case.

while read line
do
        echo $line;
        export VAR1=$(find / -name "$line" -type f 2>/dev/null);
        VAR2=$(wc -l $VAR1 | cut -d " " -f1);
        echo "The lines are $VAR2";
        if [ $VAR2  = '230' ] 
        then
                echo "The file is $VAR1";
        fi
done

Which file's owner has an ID of 502?

The id 502 matches user "newer-user". My script was the following one, but I seem to have some issues with this machine as no file actually seems to be owned by anyone else than id 501, so I basically had to brute force my answer. I post the code here for completeness, but I give no guarantee that it is actually perfect for what it's meant to do.

while read line
do
        echo $line;
        export VAR1=$(find / -name "$line" -type f 2>/dev/null);
        VAR2=$(ls -al $VAR1 | cut -d " " -f3 | id | cut -d " " -f1);
        echo "The uid of the owner is $VAR2";
        if [ "$VAR2" =  "uid=502(newer-user)" ] 
        then
                echo "The file is $VAR1";
        fi
done

Which file is executable by everyone?

while read line
do
        echo $line;
        VAR1=$(find / -name "$line" -type f -perm -o=x 2>/dev/null);
        echo "This one: $VAR1";
done

This checks if the execution permission is set in the "other" group, using the find command. You can see which one is the correct one because it will be the only time VAR1 has a value different than blank.


You'll only receive email when they publish something new.

More from emacab98
All posts