File Permissions - 5huckle/OFFICIALTECHJOURNAL GitHub Wiki

File Permissions

File permissions are a big part of security.

Passwd (command) has access to /etc/passwd

Accessing Rocky

Accessing rocky was easy. I tested what accounts were on the system and which weren't. Eventually I figured out I had access via my cyber.local account and used that to sign on.

Finding files

find (the command is called find) is a great tool for finding things on a computer.

find / -perm /4000 #how to find suid programs on linux find / -perm /2000 # sgid programs

Finding files on rocky

find / -perm /002 2>/dev/null | grep -Ev 'proc|sys|cock|locale|' | grep '/s'

I used ‘find’ to search through files on the computer. I used 2>/dev/null to essentially throw away all the error codes. I used grep -Ev to exclude a lot of things I did not need in my code such as sys or proc. I eventually just narrowed it down enough to the thing that looked most out of place, which was solitaire. This was globally writable, I’m not sure if it was the correct file but it did meet all the criteria.