Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

Basic 1


Daxorn's Avatar
50 1

Is there a specific answer format to follow? I tried different formats of answers and it still does not accept the unix commands


Ce1tic13h0y's Avatar
Member
2,340 16

The commands are easy found using search engine of your choice. if you do the leg work you’ll find the what you need, when you find what you need, you’ll be on the right path to that location, this is where thinking comes in what needs to be removed !<Thinking Required Here>!


Mordak's Avatar
Evil Sorcerer
4,025 18

Following on from what @Ce1tic13h0y has said, there’s nothing special about the commands just normal commands you would use day to day.


Uodhixyd's Avatar
40 -3

Hey hackers anyone there


Ce1tic13h0y's Avatar
Member
2,340 16

Uodhixyd you have posted in the Forum with nothing but a possible Hello. This wastes the flow of the thread, the thread is Basic 1 Help. not a place to say Hello that’s the Shout-box! if you dont know how thing run on here then Lurk a bit, get to know the Etiquette of the place.

you wont get help only Flammed if you act like this…..


TM_Methwan's Avatar
20 -1

how to do basic challenge 1


Futility's Avatar
:(
80 120

The challenge says:

now the only chance for him to be safe is that you chmod the file to all+execute and delete that file and the other file that tracks people

When thinking about this challenge, I like to approach it in “steps.” The first step is to find the file(s) that need deleting. Once that’s done, I move on to figuring out what might need to be done with those files in order to delete them. Finally, I suss out the common linux commands to do so. If you could narrow down which of those steps you’re having trouble with, we could certainly do a better job of helping you get through the challenge. I will say right off the bat that this isn’t meant to be one that’s too difficult. Once you figure out what needs doing, the solution becomes relatively clear.

Good luck!


Hey everyone, I’m having some difficulties here. I’m familiar with basic file location commands like “ls” and “find,” and I find removing files, executing “chmod” for all, and tracking changes easier. However, I’m a bit confused about the specific format you’re looking for. It seems vague, and I find it challenging to grasp your exact expectations. Doing the tasks in practice feels simpler than understanding the precise format you want. Additionally, some tasks can be accomplished in different ways to achieve the same result. Any clarification would be greatly appreciated! Since there’s a lot of where that logs.txt could be stored and it sucks because there’s not technology stack information and just logs.txt that is not an real world case. There’s a lot of what is confusing me in this simple task. I need hint.


Futility's Avatar
:(
80 120

Yea this is a common complaint, and one that I happen to share for a majority of these challenges. Fwiw, as mordak (head dev, site owner, etc) has said in the past, there’s currently a major overhaul of much of the site content (including challenges) in the works. He’s unfortunately going through some stuff lately and progress has been stalled. If you want to be a part of what hbh looks like moving forward and have suggestions/ideas/etc I’m sure he would very much appreciate them :)

As for your question. No, there’s no info on where logs.txt might be living, and that sucks, however it might be a bit more realistic than you realize. While most systems will be using some sort of common stack with easy-to-access docs which will tell you where to look etc, sometimes devs will go a bit haywire and do whatever they want. I won’t pretend this is a good explanation or defend the way this challenge does things, but I think the idea that you have to “look around a bit” might be a good one.

In any case, if you were inspired to “look around a bit” for where the logs.txt file is located, where might you start? Since the commands in this case are the answer (another bad decision. you have access to shell on the remote system, why don’t you just find / -iname "logs.txt" -exec <delete command> "{}" \; and call it a day?!) you’ll have to use some other form of input to attempt to traverse the file system. In this case we know the dev wasn’t using any common tech stack, so we can assume they’re kind of dumb. Where might they place their logs.txt?

[EDIT] Perhaps more to the point- you can find logs.txt without using the answer input boxes. Once you know where it is, you can input the commands necessary to do what the challenge asks.


I would go “find / -type f -name “logs.txt” 2>/dev/null” to get the path. Does it means that the logs.txt is somehow searchable in the task itself? Page, network, dirb?


Or even one liner would be a better thing: find / -type f -name “logs.txt” -exec chmod a+x {} ; && find / -type f -name “logs.txt” -exec rm -f {} ; && find / -type f ( -name “auth.log*” -o -name “syslog*” -o -name “secure*” -o -name “wtmp*” -o -name “btmp*” -o -name “lastlog” -o -name “bash_history” ) -exec rm -f {} ; && find /var/backup /var/backups /var/lib/backup /home/*/backup -type f -exec rm -f {} ;

This is how I would locate “find.txt” then chmod, then logs.txt remote then activity cleanup and also backup cleanup in case if user activity got to be stored there.


Futility's Avatar
:(
80 120

Does it means that the logs.txt is somehow searchable in the task itself? Page, network, dirb

It does, yes.

And while it is often nice to throw out elaborate one-liners to solve “everything” “at once”, I would caution towards a more step-by-step approach in the future to ensure nothing accidentally slips by. Especially when dealing with something as permanent as rm -f.


rex_mundi's Avatar
☆ Lucifer ☆
3,050 6

At first glance I thought you were maybe overthinking it, but I guess if it’s intended that you can search for the location of the 2 files from within the challenge itself , then I must have been underthinking it.

I just assumed the files were in a directory on a website, so I looked in the most obvious place possible and there they were.


I’ve found locations, I’ve overthinked this is extremely easy. Now I’m trying to find out the format that should be there.


I would need another hint. Should it be clean linux command or I have to consider that Drake done it from simple .php script? What is the expected file path? I’ve tried all options and nothing worked out for me. Eventhough I have found the file location.


Owned it, but must admit that can’t understand why I hate this task so much :D