Overview
Easy共有九題,所有難度總共有75題,慢慢更新中。
1."Saint John": what is writing to this log file?
Scenario: "Saint John": what is writing to this log file?Level: Easy
Type: Fix
Access: Public
Description: A developer created a testing program that is continuously writing to a log file /var/log/bad.log and filling up disk. You can check for example with tail -f /var/log/bad.log.
This program is no longer needed. Find it and terminate it.
Test: The log file size doesn't change (within a time interval bigger than the rate of change of the log file).
The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute.
Time to Solve: 10 minutes.
tail用於查看文件的末尾內容。-f參數是「follow」的縮寫,讓tail命令保持開啟狀態,並即時顯示文件的最新新增內容。
tail -f /var/log/bad/log
lsof命令用於顯示系統中已打開的文件和這些文件的相關信息。使用grep來過濾包含 "/var/log/bad/log" 字串的信息。
lsof | grep "/var/log/bad/log"
# 得知PID為584
kill命令用於向指定的進程發送終止信號,讓該進程正常結束。**584**為PID
kill 584
- 使用相同指令查看沒有再繼續寫入資料
tail -f /var/log/bad/log2."Saskatoon": counting IPs.
Scenario: "Saskatoon": counting IPs.
Level: Easy
Type: Do
Description: There's a web server access log file at /home/admin/access.log. The file consists of one line per HTTP request, with the requester's IP address at the beginning of each line.
Find what's the IP address that has the most requests in this file (there's no tie; the IP is unique). Write the solution into a file /home/admin/highestip.txt. For example, if your solution is "1.2.3.4", you can do echo "1.2.3.4" > /home/admin/highestip.txt
Test: The SHA1 checksum of the IP address sha1sum /home/admin/highestip.txt is 6ef426c40652babc0d081d438b9f353709008e93 (just a way to verify the solution without giving it away.)
Time to Solve: 15 minutes.
- 計算指定文件
/home/admin/access.log中的行數
wc -l /home/admin/access.log
- 顯示文件
/home/admin/access.log的前五行內容
head -5 /home/admin/access.log
- 使用
cut命令來從文件access.log中提取字段第一欄(f1),然後使用-d設定分隔符為破折號('-'),最後使用> iplist.txt將提取的字段保存到名為iplist.txt的文件中
cd /home/admin
#切換到工作目錄
cut -f1 access.log -d '-' > iplist.txt
#將IP提取出來存到iplist.tx
head -5 iplist.txt
# 列出前五行檢查結果
- 使用
cat命令輸出iplist.txt的內容,通過管道|傳遞給sort命令對ip進行排序,最後使用> ip_order.txt將排序後的結果保存到ip_order.txt文件中
- 因為
uniq無法偵測重複行,除非它們彼此相鄰[1]。因此,在使用uniq之前必須對文件中的內容進行排序sort。
cat iplist.txt | sort > ip_order.txt
head -10 ip_order.txt
# 列出前十行檢查結果
- 使用
uniq命令用於刪除連續重複的行,-c會顯示每行重複出現的次數。sort將uniq的輸出進行排序,以便使用tail顯示排序後的結果的最後10行。
uniq -c ip_order.txt | sort | tail -10
echo "66.249.73.135" > /home/admin/highestip.txt
#依照題目指示將答案寫入到/home/admin/highestip.txt
- 送出答案
3."Santiago": Find the secret combination
Scenario: "Santiago": Find the secret combination
Level: Easy
Type: Do
Description: Alice the spy has hidden a secret number combination, find it using these instructions:
- Find the number of lines with occurrences of the string Alice (case sensitive) in the *.txt files in the /home/admin directory
- There's a file where Alice appears exactly once. In that file, in the line after that "Alice" occurrence there's a number.
Write both numbers consecutively as one (no new line or spaces) to the solution file. For example if the first number from 1) is 11 and the second 22, you can do echo -n 11 > /home/admin/solution; echo 22 >> /home/admin/solution or echo "1122" > /home/admin/solution.
Test: Running md5sum /home/admin/solution returns d80e026d18a57b56bddf1d99a8a491f9(just a way to verify the solution without giving it away.)
Time to Solve: 15 minutes.
- 切換至工作目錄
pwd
cd /home/admin/
ls -l
- 使用
grep命令在所有.txt的文件中搜尋包含字符串'Alice'的行,-c參數計算匹配的行數
grep -c 'Alice' *.txt
# 相加為411(第一題答案)
- 使用
grep命令來在文件1342-0.txt中搜尋包含字符串'Alice'的行,並接著顯示每個匹配行的後一行(-A1)
grep -A1 'Alice' 1342-0.txt
# 得到下一行出現的數字156(第二題答案)
- 提交答案
echo '411156' > /home/admin/solution