Prompt

One of our analysts had their laptop damaged. However, we were able to recover and mount the hard drive. Access the terminal and recover various flags from the disk.

Tutorial Video

Walk-Through

Tutorial video: Cyber Skyline NCL Summer Live - Linux Command Line - Sep 14, 2021

This challenge will give you experience running basic Linux commands. To solve these challenges, you will be using a Linux Command Line Interface (aka terminal or shell).

Background

The command line interface (CLI) functions similarly to File Explorer on Windows or Finder on macOS but relies on a text-based interface rather than a graphical user interface (GUI). Like its GUI counterparts, the CLI enables navigation through directories (folders) and the launching of files or programs. Upon opening the CLI, the prompt and command input line appear.

Commands entered at the prompt tell the CLI what task to perform; like navigating directories, displaying file contents, or renaming folders. Each action uses a specific program. Typing the program name, supplying any necessary input, and pressing “Enter” runs the command and displays the result. The following includes examples of these commands and outputs.

Guide

List files in a directory: ls

In this challenge, access is provided as the root user, with the session starting in root’s home directory. Running the ls (short for ‘list’) command displays the contents of the current directory. Press enter after typing ls to get the command to run.

Display contents of a file: cat

This directory listing shows that only 1 file. In order to display the contents of a file, run the cat command (short for concatenate) followed by the name of the file you wish to display. This is the output of cat flag1.txt:

Change to another directory: cd

Try navigating to other directories using the cd command (short for change directory). Add the file path you want to go to after the cd command. To navigate to the root directory, simply use a forward slash. After changing to the root directory, the command line prompt has switches from ~ to /. This is the output after running cd / :

The ~ symbol denotes the home directory of the current user, while / indicates the root directory. The term “root” can refer either to the root user (a superuser account) or the root directory (the top-level directory in the system). In the root directory, running ls lists the files. Running ls in the root directory reveals additional items beyond flag2.txt, most of which are directories.

Extracting tar files: tar

Use the cd command to navigate to the /var/log directory and use ls to the files there.

The flag file in this folder is stored as a tar archive, or tarball, indicated by the “.tar” extension. Similar to a zip file, a tarball packages multiple files for easier storage and transfer. Unlike zip files, tarballs are not compressed by default and often rely on gunzip for compression, noted by the “.gz” extension.

To access the files inside, the tar program is used to decompress and extract contents. This requires configuring command line flags which are single-letter options preceded by a hyphen. Each program defines its own flags and usage patterns.

For tar, the z flag enables decompression, x extracts the archive, v (optional) activates verbose output, and f signals that the archive filename follows. The tar -zxvf flag.tar.gz command will decompress and extract the files from the tarball:

The output includes ./flag/ and ./flag/flag3.txt, indicating that a folder named flag was extracted, containing a file named flag3.txt. The flag folder now appears in the current directory. Change to the flag directory to view the contents of flag3.txt.

Users & Home Directories: ~ or /home/

From the home directory, you can list the private directory of other users (if you have permission). As with Windows or macOS, each user on a Linux system has a private home directory, typically stored under /home/ . You can navigate directly to your own home directory by entering ~. The blue text below indicates a directory for a user named “flag”.

It is not required to switch users to view the contents of the ‘flag’ user’s folder because root is the default admin. However, if it was needed to switch users and become the ‘flag’ user use the su or ‘switch user’ command as follows and enter the password for that user. Notice how the user name changes from root to flag:

Run Programs:

There a couple ways to run programs. One way is to type in the program name and press enter. Running programs in user folders might not work if that user doesn’t have permission to run the program. Navigate back to root user’s home directory (~) or to the root directory (/). Below is the output of running the flag5 program:

Identify file paths: which

Non built-in Linux programs are simply files located somewhere in the file system. While it's possible to navigate directly to their directories, the command line automatically searches a predefined set of directories when a command is entered. The which command can be used to determine the location of a given program.

Useful tools for learning Linux:

Linux Journey

Questions

What are the contents of flag1.txt, found in root's home directory?

Run cat flag1.txt from root’s home directory

What are the contents of flag2.txt, found in the root directory?

Use cd / to navigate to the root directory and then run cat flag2.txt

What are the contents of flag3.txt, found in an archive in /var/log?

Navigate to /var/log and then run tar -zxvf flag.tar.gz to extract the files from the archive

What are the contents of flag4.txt, found in the flag user's home directory?

Navigate to the /home/flag directory and then run cat flag4.txt

What flag is printed when you run the flag5 program?

Run flag5

What is the full path to the flag5 program?

Run which flag5

©️ 2025 Cyber Skyline. All Rights Reserved. Unauthorized reproduction or distribution of this copyrighted work is illegal.