This module will expose you to Linux permissions, which is one of the most important part of your journey going ahead.
In Linux, files have different permissions or file modes. You can check out a permissions of a file or directory using ls -l:
hacker@dojo:~$ ls -l ~/.config
total 20
-rw-r--r-- 1 hacker hacker 500 Jan 18 09:06 QtProject.conf
drwx------ 2 hacker hacker 4096 Jan 18 09:06 Thunar
drwxr-xr-x 2 hacker hacker 4096 Jan 18 09:06 code-server
drwxr-xr-x 2 hacker hacker 4096 Jan 18 09:06 gtk-3.0
drwxr-xr-x 7 hacker hacker 4096 Aug 18 2022 xfce4
The permissions character often looks like this:
drwxr-xr-x
There are four parts to a file permissions:
The first part is the filetype, which is the first character in the sequence, in this case it's a d to indicate that it's a directory. Otherwise, you would commonly see a - for a regular file.
The next three part is the actual permissions. The permissions are grouped into 3 bits each. The first 3 is owner's permissions, middle 3 is group permissions and then public permissions.
Each character represent a different permissions
r - user can read the file
w - user can write into and modify the files
x - user can execute the file as a program
- - nothing
So, let's get started with permissions!
Lectures and Reading
Challenges
Most of the time, modifying permissions is done with the chmod command.
The basic usage for chmod is:
chmod [options] mode file
mode is where you want to set the permissions of the target file. It can either be symbolic (u+rwx) or numeric (755, 644).
In this challenge, you will need to chmod the file to a user-readable permission so that the you can read the /flag!
Additionally, you can also change the groups and users ownership of the file by using chown and chgrp (assuming that you have enough permissions)
Modifying user ownership:
chown [username] [file]
chown will give the ownership of that file to the specified user
Additionally, you can edit the group ownership by using chgrp:
chgrp [groupname] [file]
In this chall, you will need to chown or chgrp the /flag so that you (or your group) owns it and then you can read the file.
For a program to execute, the user will need to give it permissions to be able to execute as a program. This can be commonly done by:
chmod +x programname
In this chall, you will need grant getflag execute permissions.
There are many cases in which non-root users need elevated access to do certain system task. The system admin can't be there to give them the password every time a user wanted to do a task that only root/sudoers can do. The Set User ID allows the user to run a program as the owner of that program.
The permission of a file with SUID list would often look like this:
-rwsr-xr-x 1 root root 47032 Dec 1 11:45 /usr/bin/passwd
The s part here means that the program is a "special" one. It means that the user can essentially execute this program as the owner (root).
As an root/sudoers, you can easily set a program to have SUID bit by using chmod:
chmod u+s [program]
But be careful! Giving suid bit to an executable can give attackers a possible attack vector to become root. So be mindful about it. You can learn more about it here https://gtfobins.github.io/.
For the final chall, we are going to let you add the SUID bit to the getroot executable in order to spawn a root shell for you to cat the final flag!
Module Ranking
This scoreboard reflects solves for challenges in this module after the module launched in this dojo.