Ninja Skills Walkthrough

Ninja Skills is an easy machine that tests your knowledge of and skills with the Linux OS. You have to answer basic questions such as who owns a given file or which file contains a specific string. You can access the machine from here

Let’s Start Ninja Skills Machine and connect to it via SSH

ssh new-user@Machine_IP

The password is the same as our username:

new-user

Let’s list the files in our current directory

Let’s change the directory and go into files, then list the files we have there

and we get nothing, so the files are probably scattered throughout the entire system and we need to search for them.

The first question is: Which of the above files are owned by the best-group group (enter the answer separated by spaces in alphabetical order)? We can search for them with the “find” command, so let’s construct the command

find / -type f -group best-group 2>/dev/null

let me explain the command more:

  • / is the root directory, so the search covers the whole filesystem
  • -type f specifies that we are searching for regular files only
  • -group specifies the name of the group we are looking for
  • 2>/dev/null discards error output, which gets rid of the permission denied errors

and like that you should get the following files as the result for the search

/mnt/D8B3
/home/v2Vb

The second question is, Which of these files contain an IP address?

What we can do here is search all files and run a command on each one that looks for IP addresses (we will use grep).

let’s construct the command first

find / -type f -exec grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' {} \; 2>/dev/null

but we got so many files, so let’s add the files’ names to the command to limit the search

find / -type f \( -name "8V2L" -o -name "bny0"  -o -name "c4ZX"  -o -name "D8B3" -o -name "FHl1" -o -name "oiMO" -o -name "PFbD" -o -name "rmfX" -o -name "SRSq" -o -name "uqyw" -o -name "v2Vb" -o -name "X1Uy" \) -exec grep -EH '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' {} \; 2>/dev/null

Let’s explain what we added here

  • -E enables extended regular expressions (used here for the IPv4 pattern)
  • -H prints the name of the file that contains each match

and you should get the following results

/opt/oiMO:wNXbEERat4wE0w/O9Mn1.1.1.1VeiSLv47L4B2Mxy3M0XbCYVf9TSJeg905weaIk

So the file will be

oiMO

Let’s go to the next question, Which file has the SHA1 hash of 9d54da7584015647ba052173b84d45e8007eba94.

Similar to the previous question, but instead we will calculate the hash of each file and compare it with the one given

find / -type f -exec sha1sum {} \; 2>/dev/null | grep 9d54da7584015647ba052173b84d45e8007eba94

Let’s explain the above

  • -exec sha1sum is to calculate the hashes of the files
  • grep is to print out which file has the hash provided

you should get the following file as a result

/mnt/c4ZX

For the next question, Which file contains 230 lines?

To get the number of lines in a file on Linux, we can use the “wc” command. There are many ways, but this is the easiest, so let’s construct the command

find / -type f -exec wc -l {} \; 2>/dev/null | grep -w 230

Now for the explanation:

  • wc -l (small L) to count the lines of each file
  • grep -w is to search for a specific word, not a sub string ( 230 will show but 2303 won’t)

Sadly, I waited too long but nothing showed up, so I decided to search with specific file names like this. You can find more information from here

find / -type f \( -name "8V2L" -o -name "bny0"  -o -name "c4ZX"  -o -name "D8B3" -o -name "FHl1" -o -name "oiMO" -o -name "PFbD" -o -name "rmfX" -o -name "SRSq" -o -name "uqyw" -o -name "v2Vb" -o -name "X1Uy" \) -exec wc -l {} \;  2>/dev/null

and you should get the following results

209 /mnt/D8B3
209 /mnt/c4ZX
209 /var/FHl1
209 /var/log/uqyw
209 /opt/PFbD
209 /opt/oiMO
209 /media/rmfX
209 /etc/8V2L
209 /etc/ssh/SRSq
209 /home/v2Vb
209 /X1Uy

All of them are 209, but there’s one file missing, which is “bny0”, so I tried it and luckily that was the answer

bny0

the next question is Which file’s owner has an ID of 502?

we can do the same as the previous command but with listing the files

find / -type f \( -name "8V2L" -o -name "bny0"  -o -name "c4ZX"  -o -name "D8B3" -o -name "FHl1" -o -name "oiMO" -o -name "PFbD" -o -name "rmfX" -o -name "SRSq" -o -name "uqyw" -o -name "v2Vb" -o -name "X1Uy" \) -exec ls -ln {} \;  2>/dev/null

Let’s explain the new thing we did

  • ls -ln: l uses the long listing format (permissions, owner, group, size, date), and n displays numeric user and group IDs instead of names

and you should get the following results

-rw-rw-r-- 1 501 502 13545 Oct 23  2019 /mnt/D8B3
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /mnt/c4ZX
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /var/FHl1
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /var/log/uqyw
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /opt/PFbD
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /opt/oiMO
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /media/rmfX
-rwxrwxr-x 1 501 501 13545 Oct 23  2019 /etc/8V2L
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /etc/ssh/SRSq
-rw-rw-r-- 1 501 502 13545 Oct 23  2019 /home/v2Vb
-rw-rw-r-- 1 502 501 13545 Oct 23  2019 /X1Uy

the only file that has user with ID 502 is

X1Uy

For the next question, Which file is executable by everyone?

we can just look at the previous command results.

-rw-rw-r-- 1 501 502 13545 Oct 23  2019 /mnt/D8B3
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /mnt/c4ZX
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /var/FHl1
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /var/log/uqyw
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /opt/PFbD
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /opt/oiMO
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /media/rmfX
-rwxrwxr-x 1 501 501 13545 Oct 23  2019 /etc/8V2L
-rw-rw-r-- 1 501 501 13545 Oct 23  2019 /etc/ssh/SRSq
-rw-rw-r-- 1 501 502 13545 Oct 23  2019 /home/v2Vb
-rw-rw-r-- 1 502 501 13545 Oct 23  2019 /X1Uy

and we can see that the file /etc/8V2L has the x flag set for everyone, so that is the answer. But let’s also solve it with the find command as another way

find / -type f \( -name "8V2L" -o -name "bny0"  -o -name "c4ZX"  -o -name "D8B3" -o -name "FHl1" -o -name "oiMO" -o -name "PFbD" -o -name "rmfX" -o -name "SRSq" -o -name "uqyw" -o -name "v2Vb" -o -name "X1Uy" \) -perm /001  2>/dev/null

let’s explain what we did here

  • -perm is to search for files that have specific permissions
  • /001 matches files that have any of the listed permission bits set; 001 is --------x, so the execute bit for others is set at least. Older versions of find also accepted this test written as +001, but current GNU find rejects that form

And this is how we end the ninja skills machine.
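
The per-question commands above can be folded into a single pass over the twelve file names. The script below is an added example, not part of the original walkthrough; it assumes GNU find, stat and sha1sum, and the function names and output columns are its own.

```shell
#!/bin/sh
# Added example (not from the walkthrough). Assumes GNU find, stat, sha1sum
# and paths without whitespace, as with the file names used on the lab box.
NAMES="8V2L bny0 c4ZX D8B3 FHl1 oiMO PFbD rmfX SRSq uqyw v2Vb X1Uy"
IPV4='([0-9]{1,3}\.){3}[0-9]{1,3}'

# Print every regular file under $1 whose name is in NAMES.
locate_files() {
    root=$1
    set --                      # rebuild "$@" as: -name A -o -name B ...
    for n in $NAMES; do
        if [ $# -gt 0 ]; then set -- "$@" -o; fi
        set -- "$@" -name "$n"
    done
    # Prune /proc and /sys: kernel pseudo-files, never the files we want.
    find "$root" \( -path /proc -o -path /sys \) -prune -o \
        -type f \( "$@" \) -print 2>/dev/null
}

# One line per file: path uid group mode lines sha1 has_ipv4
report() {
    locate_files "$1" | sort | while IFS= read -r f; do
        meta=$(stat -c '%u %G %a' "$f")      # owner UID, group name, octal mode
        lines=$(wc -l < "$f")
        sha=$(sha1sum "$f" | cut -d' ' -f1)
        if grep -Eq "$IPV4" "$f"; then ip=yes; else ip=no; fi
        echo "$f $meta $lines $sha $ip"
    done
}

# Each question becomes a filter on the report columns, for example:
#   report / | awk '$3 == "best-group" {print $1}'   # owned by the group
#   report / | awk '$2 == 502 {print $1}'            # owner UID 502
#   report / | awk '$4 % 2 == 1 {print $1}'          # execute bit set for others
#   report / | awk '$5 == 230 {print $1}'            # 230 lines
#   report / | awk '$7 == "yes" {print $1}'          # contains an IPv4-like string
if [ $# -gt 0 ]; then report "$1"; fi
```

Saving the report once and filtering it with awk avoids walking the filesystem again for every question.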