DEV Community

loading...

TryHackMe The find Command

Omri Bornstein
Computer Science Student
Originally published at applegamer22.hashnode.dev ・3 min read

TryHackMe The find Command

References

Be more specific

Find all files whose name ends with .xml

  • find / to search for items in the root directory
  • -type f to filter for files
  • -name "*.xml" to filter for items with a .xml as a suffix

Answer: find / -type f -name "*.xml"

Find all files in the /home directory (recursive) whose name is user.txt (case insensitive)

  • find /home to search for items in the /home directory
  • -type f to filter for files
  • -iname user.txt to filter for case insensitive name pattern of user.txt

Answer: find /home -type f -iname user.txt

Find all directories whose name contains the word exploits:

  • find / to search for items in the root directory
  • -type d to filter for directories
  • -name "*exploits*" to filter for items with exploits substring in their name

Answer: find / -type d -name "*exploits*"

Know exactly what you're looking for

Find all files owned by the user kittycat

  • find / to search for items in the root directory
  • -type f to filter for files
  • -user kittycat to filter for items owned by the user kittycat

Answer: find / -type f -user kittycat

Find all files that are exactly 150 bytes in size

  • find / to search for items in the root directory
  • -type f to filter for files
  • -size 150c to filter for items of size 150 bytes

Answer: find / -type f -size 150c

Find all files in the /home directory (recursive) with size less than 2 KiB and extension .txt

  • find /home to search for items in the /home directory
  • -type f to filter for files
  • -size -2k to filter items of size less than 2 KiB
  • -name "*.txt" to filter for items with a .txt as a suffix

Answer: find /home -type f -size -2k -name "*.txt"

Find all files that are exactly readable and writeable by the owner, and readable by everyone else (use octal format)

  • find / to search for items in the root directory
  • -type f to filter for files
  • -perm 644 (octal format) to filter for items that are exactly readable and writeable by the owner, and readable by everyone else

Answer: find / -type f -perm 644

Find all files that are only readable by anyone (use octal format)

  • find / to search for items in the root directory
  • -type f to filter for files
  • -perm /444 (octal format) to filter for items that are only readable by anyone

Answer: find / -type f -perm /444

Find all files with write permission for the group others, regardless of any other permissions, with extension .sh (use symbolic format)

  • find / to search for items in the root directory
  • -type f to filter for files
  • -perm -o=w (symbolic format) to filter items write permission for the group others, regardless of any other permissions
  • -name "*.sh" to filter for items with a .sh as a suffix

Answer: find / -type f -perm -o=w -name "*.sh"

Find all files in the /usr/bin directory (recursive) that are owned by root and have at least the SUID permission (use symbolic format)

  • find /usr/bin to search for items in the /usr/bin directory
  • -type f to filter for files
  • -user root to filter for items owned by the user root
  • -perm -u=s (symbolic format) to filter for items that have at least the SUID permission

Answer: find /usr/bin -type f -user root -perm -u=s

Find all files that were not accessed in the last 10 days with extension .png

  • find /usr/bin to search for items in the root directory
  • -type f to filter for files
  • -atime +10 to filter for items that were not accessed in the last 10 days
  • * -name "*.png" to filter for items with a .png as a suffix

answer: find / -type f -atime +10 -name "*.png"

Find all files in the /usr/bin directory (recursive) that have been modified within the last 2 hours

  • find /usr/bin to search for items in the /usr/bin directory
  • -type f to filter for files
  • -mmin -120 to filter for items that have been modified within the last 2 hours (120 minutes)

Answer: find /usr/bin -type f -mmin -120

Discussion (0)