Filter Contents - Exploring File Navigation and Redirection Techniques.

 

During today's lesson at the HTB Academy, I learned about several interesting functions that allow formatting of text data and transforming it into clear and understandable messages. Here are those functions:

1. More and Less: Tools enabling interactive browsing of file contents, facilitating smooth scrolling through text.

2. Head and Tail: Used to display the beginning or end of a file, aiding quick understanding of its content.

3. Sort: Function sorting file contents alphabetically or numerically, assisting in data organization.

4. Grep: Important tool for searching text based on specified patterns, enabling extraction of desired information.

5. Cut: Allows cutting specific text fragments based on defined separators, facilitating data segmentation.

6. Tr: Provides character substitution in text lines, enabling various transformations such as changing separators.

7. Column: Facilitates data formatting in tabular form, improving readability of search results or processed output.

8. Awk: Powerful text processing tool enabling extraction and manipulation of specific fields within lines, improving data precision.

9. Sed: Stream editor for performing text substitutions in a file or input stream using regular expressions, offering versatile text manipulation capabilities.

10. Wc: Useful tool for counting lines, words, or characters in file content, facilitating assessment of data volume or summarizing search results.

These functions empower effective data analysis, allowing extraction, filtering, and manipulation of data according to specific requirements, thereby contributing to better understanding of their content and more efficient processing.

.....

A bit of theory today, so I've caught up. I'll need to practice what I've learned to master it to a somewhat satisfactory level. I won't force these exercises, but rather gradually introduce them into my system work practice, just by keeping these functions in mind.

Time for some practice then. Today, I have a few tasks ahead of me, and interestingly, they are diverse and address intriguing issues.

1. How many services are listening on the target system on all interfaces? (Not on localhost and IPv4 only) 

my answer :D

ss -a4 | grep -v "127.0.0" | grep "LISTEN" | wc -l

I wanted to show you how to check how many services are listening on the target system but only on IPv4 network interfaces, excluding localhost. I used a couple of commands in the console.

First off, I ran ss -a4. It's a tool in Linux that shows us active network connections. The -a4 option tells it to show all IPv4 connections.

Then came the filtering part. I used grep - a tool that helps us search through text. To get rid of localhost connections, I used grep -v "127.0.0". That part makes the command display only the lines that don't contain the localhost address.

Next up, I wanted to see only those connections that are in the 'listening' state (LISTEN), so I used another grep, but this time I asked it only for the lines containing the word LISTEN.

And finally, I used wc -l. It's a tool that counts lines. This helped me find out how many lines were returned by the last grep, which in turn corresponds to the number of services listening on IPv4 interfaces, but not on localhost. That's it!

2. Determine what user the ProFTPd server is running under. Submit the username as the answer. 

So, I directed myself towards running the 'service' command, since ProFTPd is currently a running service on the system. Upon entering the command 'service proftpd status', I see in the response something about 'cgroup', indicating who is authorized to establish connections. Users belonging to the 'proftpd' group are granted these permissions. This alone could be a resolution to the matter and the closure of this topic. However, it's not particularly clear. Therefore, I won't just leave it at that.

ps aux | grep proftpd

Okay, so imagine you're trying to find out if the ProFTPd server is running on your computer, right? Well, you can use this cool command 'ps aux | grep proftpd' to do just that.

So, 'ps' is like this command that tells you about all the stuff happening on your computer. And when you add 'aux' after it, it gives you even more info, like which user is running each thing.

Now, the '|' symbol is kind of like a pipeline. It takes the output of the command on the left and sends it to the command on the right.

And 'grep proftpd'? That's like a search tool. It looks through all the stuff that 'ps aux' gave us and only shows the lines that mention 'proftpd'. So, if ProFTPd is running, you'll see some info about it in the output!

It's a handy way to check if ProFTPd is up and running, and if it is, you'll also get some details about it, like which user it's running under. Cool, right?

Hey, so now that I've made it to where I am, I've got another solution for you. We can use the nano text editor to open up the file '/etc/proftpd/proftpd.conf'. Once we're in there, we can find the line that says 'user', and right next to it, you'll see the username associated with this service. It's another way to find out which user ProFTPd is running under.

3. Use cURL from your Pwnbox (not the target machine) to obtain the source code of the "https://www.inlanefreight.com" website and filter all unique paths of that domain. Submit the number of these paths as the answer. 

At this point, to proceed to the next section, I had to rely on the answers provided in this link. Unfortunately, all my attempts ended up with either getting a result of 0 or 'Network is unreachable' - whereas the correct answer is completely different - but I managed to get it using the link provided below.

Link 

After some time, I tried approaching this task again - but from my own machine, not remotely. And the command provided below - it works for me. Now I can peacefully end this day.

curl -s 'https://www.inlanefreight.com' | grep -Po "https://www\.inlanefreight\.com.*?(?='|\")" | sort | uniq | wc -l 

 

 

 

Comments

Popular posts from this blog

Task Scheduling and System Services: A Theoretical Overview

Three tasks related to user management.

Working with Web Services.