CTF - PATHFINDER - Hack The Dome

🕵️‍♂️ Mission: Operation Deep Index

Mission Scenario

Agent dome-scout, the Dome’s defense is becoming paranoid.

The administrator is no longer just deleting files; they are hiding them in plain sight, manipulating sizes and modification dates so that critical files look old or insignificant.

Your mission now is to use commands with forensic precision, treating the filesystem like a large database. You must scour the system index to:

Locate a critical configuration file that was modified after a specific date and possesses a peculiar size, indicating it might be a customized payload.
Count the digital breadcrumbs—how many auxiliary backup files (.bak) the administrator forgot to remove from the system.
Identify the exact location of powerful utilities (xxd) that could be used for covert data encoding and exfiltration.

The success of this mission depends on your ability to combine multiple search criteria using the find command.

📂 Access Data (Briefing)

Target: htd-find-files-lab Server
Protocol: SSH
Port: 2223
User: dome-scout
Password: Oper@tion_Sh3ll!

🧠 Learning Objectives (Concepts Covered)

This module focuses on efficiency and precision at the command line, critical skills for any security investigation or pentest.

Metadata Search (find Mastery): Mastering the find command to search for files by time (-newermt), size (-size), and name simultaneously.
Data Aggregation: Efficiently using pipes (|) and the wc -l command (word count – lines) to count found files and consolidate results.
Binary Location: Efficient use of tools like which or whereis to map the arsenal of programs available on the system.
Filesystem Organization: Understanding how auxiliary files (like .bak) can be used to discover the internal structure of a system.

If you don’t now how to install or use Docker, read the link bellow

The Definitive Guide to Docker: Architecture, Installation, and Management

Download the machine from github and start it

git clone https://github.com/suricatoti/pathfinder.git

cd pathfinder

docker build -t htd/pathfinder:v1 .

docker run -d -p 2223:22 --name htd-pathfinder-lab --mount type=volume,source=htd_ssh_keys,target=/etc/ssh/ localhost/htd/pathfinder:v1

ssh dome-scout@localhost -p 2223

If you want to learn the content of this CTF:

Linux Fundamentals: Part 5 – Work with Files and Directories

🖥️ HTD Lab: PATHFINDER

Connect via SSH and answer the questions below.

Username: dome-scout / Password: Oper@tion_Sh3ll!.

1. What is the name of the config file that has been created after 2020-03-03 and is smaller than 28k but larger than 25k?

2. How many files exist on the system that have the “.bak” extension?

3. Submit the full path of the “xxd” binary.