Filter Contents — Linux Fundamentals Module — HTB Walkthrough

TIER 0 MODULE: LINUX FUNDAMENTALS

SECTION: Filter Contents

Please open your pwnbox or connect to the vpn, and connect with ssh in order to complete the tasks.

ssh htb-student@<target-ip>
# Enter password 'HTB_@cademy_stdnt!' when asked!

If you are not registered in HTB Academy, then use this link to register now: https://referral.hackthebox.com/mzxKOJt

1. How many services are listening on the target system on all interfaces? (Not on localhost and IPv4 only)

To list all listening services. we use netstat -l. But in this case we only need to see the services which are using IPv4 and not localhost.

netstat -l | grep LISTEN | grep -v localhost | grep 0.0.0.0

• netstat -l ➡ Lists all services on the system.
• grep LISTEN ➡ List only the content which contains the word ‘LISTEN’.
• grep -v localhost ➡ Excludes all lines which contains the word ‘localhost’. The -v flag excludes all matching patterns in grep.
• grep 0.0.0.0 ➡ Selects all lines containing ‘0.0.0.0’, which is a basic format for IPv4 addresses.

Now we want to count all lines (all services) of the output.

netstat -l | grep LISTEN | grep -v localhost | grep 0.0.0.0 | wc -l

Answer: 7

2. Determine what user the ProFTPd server is running under. Submit the username as the answer.

To list all processes on Linux we use ps aux command.

Output of `ps aux` in the target machine.

But we do not need all processes, so we filter out with grep command.

ps aux | grep proftpd

Under the user column you can see the username which is running this service.

Answer: proftpd

3. Use cURL from your Pwnbox (not the target machine) to obtain the source code of the “https://www.inlanefreight.com” website and filter all unique paths of that domain. Submit the number of these paths as the answer.

First simply do curl with this website, and print every thing neat in separate lines.

curl https://www.inlanefreight.com/ | tr " " "\n"

• tr " " "\n" ➡ Repalces all white spaces with a new line character.

Now we use grep to filter out what we need, the urls realated to that website.

curl https://www.inlanefreight.com/ | tr " " "\n" | grep -oE 'https://www.inlanefreight.com/([^"#]+)'

• grep -oE ➡ The -o flag means to print only the matching characters, and not the full line. And the flag E means that it will allow us to use RegEx (Regular Expression) in this.
• ([^"#]+) ➡ This a regular expression which means, do not print " or # in the urls, but print and anything after it (full url).

curl https://www.inlanefreight.com/ | tr " " "\n" | grep -oE 'https://www.inlanefreight.com/([^"#]+)' | sort -u | wc -l

• sort -u ➡ It makes sure there are no duplicates in all urls.
• wc -l ➡ Counts the output lines.

Answer: 34

Still stuck? Watch video!

☣️ HAPPY ETHICAL HACKING ☣️

DISCLAIMER: THIS CONTENT DOES NOT BELONG TO ME, I AM JUST WRITING A WALK-THROUGH OF A FREE MODULE OF HACK THE BOX ACADEMY. (WRITING WALKTHROUGHS OF FREE MODULES IS PERMITTED BY HTB ACADEMY)

The Malware Mender Walkthroughs