missing / modified files?

Hi,

am new to you but think I know a bit about Linux. The uptime of the machine with which I should work on the tasks was already over 8 days. Some files seem to be missing or modified. Are the VMs shared? Are there some that find it funny to delete files that are needed to solve the tasks? Example:

What is the inode number of the “shadow.bak” file in the “/var/backups” directory?

┌─[user183986@htb-eaztqlqwmp]─[/var/backups]
└─╼ $ls -a -l /var/backups/ | grep bak
┌─[✗]─[user183986@htb-eaztqlqwmp]─[/var/backups]

Doesn’t seem to exist or did I miss something?

Another example:

What is the index number of the “sudoers” file in the “/etc” directory?

$ls -i /etc/sudoers
18467 /etc/sudoers

But 18467 is the wrong answer.

Thanks for the effort.

I’m talking about the Academy courses, by the way. I have found something again that makes me wonder. The question is:

What is the name of the config file that has been created after 2020-03-03 and is smaller than 28k but larger than 25k?

──╼ $sudo find / -type f -name *.conf -newermt 2020-03-03 -size +25k -size -28k
/etc/postgresql/12/main/postgresql.conf
┌─[user183986@htb-iidsarhfy3]─[~]

No matter if I specify the file with full path or just the filename the answer is evaluated as wrong. As I said I am still new here and these things confuse me a bit. Maybe someone can give me a hint if I am on the wrong track or where the thinking error is. These things are piling up and I would like to complete the course.

I struggled so much with this shadow.bak. I realized after about an hour that I had initially ssh’ed to the target but had subsequently terminated connection after completing the first question. I just had to SSH back to the target and was able to get exactly what I needed. Not the first time I goofed and forgot to SSH :confused:

In all of these examples it looks like your commands are good, but you’re searching on the Parrot machine (user183986@htb-eaztqlqwmp). You need to spawn the target system, ssh in with the provided credentials, and run the same commands on the target system.

for find out the inode number you can use the fallowing commmand ls -li /var/backups/shadow.bak

I find out that my SSH connection is being stopped every time when I complete a specific task. In this case when I submitted my answer to the question “What is the name of the last modified file in the “/var/backups” directory?” my SSH connection was interrupted. And I could find shadow.bak file because of it. I had to go over again and enable SSH and from there everything went smoothly. I hope this helps.