TryHackMe The find Command
References
- Ahamed, I. (2020, May 13). The find command ~ THM Writeup. Medium; Medium. https://irshadahamedpro.medium.com/the-find-command-thm-writeup-10dba7722261
- GNU. (2021). Findutils 4.8.0. GNU. https://www.gnu.org/software/findutils/manual/html_mono/find.html
Be more specific
Find all files whose name ends with .xml
-
find /to search for items in the root directory -
-type fto filter for files -
-name "*.xml"to filter for items with a.xmlas a suffix
Answer: find / -type f -name "*.xml"
Find all files in the /home directory (recursive) whose name is user.txt (case insensitive)
-
find /hometo search for items in the/homedirectory -
-type fto filter for files -
-iname user.txtto filter for case insensitive name pattern ofuser.txt
Answer: find /home -type f -iname user.txt
Find all directories whose name contains the word exploits:
-
find /to search for items in the root directory -
-type dto filter for directories -
-name "*exploits*"to filter for items withexploitssubstring in their name
Answer: find / -type d -name "*exploits*"
Know exactly what you're looking for
Find all files owned by the user kittycat
-
find /to search for items in the root directory -
-type fto filter for files -
-user kittycatto filter for items owned by the userkittycat
Answer: find / -type f -user kittycat
Find all files that are exactly 150 bytes in size
-
find /to search for items in the root directory -
-type fto filter for files -
-size 150cto filter for items of size 150 bytes
Answer: find / -type f -size 150c
Find all files in the /home directory (recursive) with size less than 2 KiB and extension .txt
-
find /hometo search for items in the/homedirectory -
-type fto filter for files -
-size -2kto filter items of size less than 2 KiB -
-name "*.txt"to filter for items with a.txtas a suffix
Answer: find /home -type f -size -2k -name "*.txt"
Find all files that are exactly readable and writeable by the owner, and readable by everyone else (use octal format)
-
find /to search for items in the root directory -
-type fto filter for files -
-perm 644(octal format) to filter for items that are exactly readable and writeable by the owner, and readable by everyone else
Answer: find / -type f -perm 644
Find all files that are only readable by anyone (use octal format)
-
find /to search for items in the root directory -
-type fto filter for files -
-perm /444(octal format) to filter for items that are only readable by anyone
Answer: find / -type f -perm /444
Find all files with write permission for the group others, regardless of any other permissions, with extension .sh (use symbolic format)
-
find /to search for items in the root directory -
-type fto filter for files -
-perm -o=w(symbolic format) to filter items write permission for the groupothers, regardless of any other permissions -
-name "*.sh"to filter for items with a.shas a suffix
Answer: find / -type f -perm -o=w -name "*.sh"
Find all files in the /usr/bin directory (recursive) that are owned by root and have at least the SUID permission (use symbolic format)
-
find /usr/binto search for items in the/usr/bindirectory -
-type fto filter for files -
-user rootto filter for items owned by the userroot -
-perm -u=s(symbolic format) to filter for items that have at least the SUID permission
Answer: find /usr/bin -type f -user root -perm -u=s
Find all files that were not accessed in the last 10 days with extension .png
-
find /usr/binto search for items in the root directory -
-type fto filter for files -
-atime +10to filter for items that were not accessed in the last 10 days - *
-name "*.png"to filter for items with a.pngas a suffix
answer: find / -type f -atime +10 -name "*.png"
Find all files in the /usr/bin directory (recursive) that have been modified within the last 2 hours
-
find /usr/binto search for items in the/usr/bindirectory -
-type fto filter for files -
-mmin -120to filter for items that have been modified within the last 2 hours (120 minutes)
Answer: find /usr/bin -type f -mmin -120
Top comments (0)