need help.

hello, im novice in this sphere so i need help
at first sorry for my english.
question - ’ What is the name of the config file that has been created after 2020-03-03 and is smaller than 28k but larger than 25k?’
my answer - ’ find -iname ‘*.conf’ -size +25k -size -28k -newermt 2020-03-03 ’
console output -
find: ‘./dovecot/private’: Permission denied
find: ‘./ssl/private’: Permission denied
find: ‘./polkit-1/localauthority’: Permission denied

what am i doing wrong?
i tried everything

If that string is your exact syntax, it might be the location which is the issue.

Try searching from root onwards.

Something like this might work: find / -iname "*.conf" -size +25k -size -28k -newermt 2020-03-03 2>/dev/null

If not, then maybe it doesn’t want *.conf files. So you could change the search string to "*conf*".

I have no idea which one will work though.

1 Like

thank you

Type your comment> @TazWake said:

If that string is your exact syntax, it might be the location which is the issue.

Try searching from root onwards.

Something like this might work: find / -iname "*.conf" -size +25k -size -28k -newermt 2020-03-03 2>/dev/null

If not, then maybe it doesn’t want *.conf files. So you could change the search string to "*conf*".

I have no idea which one will work though.

May i know why we are using -iname instead of -name

@Botcoder said:

May i know why we are using -iname instead of -name

In my case, mostly habit - it uses a case-insensitive search string. It depends on how strictly you want to match your target finding.

I’m pretty new to this, how come you use 2>/dev/null instead of just >/dev/null, I saw that it doesn’t work when I tested it myself. What does the 2 do :?

Its a “file descriptor” number relating to the standard outputs. At a high level there are three outputs:
0 - Standard Input / stdin
1 - Standard Output / stdout
2 - Standard Error / stderr

Using 2>/dev/null pipes any error messages to dev null but shows everything else. If you don’t use the 2, the >/dev/null pipes all output to dev null, which means nothing is returned to the screen.

1 Like

Alright, thanks for explaining I understand it pretty well now :^)

1 Like

Hey,
i got the same problem:

Question:
What is the name of the config file that has been created after 2020-03-03 and is smaller than 28k but larger than 25k?

Command i use:
find / -type f -name *.conf -size +25 -size -28 -newermt 2020-03-03 -exec ls -al {} ; 2>/dev/null

Outcome:
-rw-r–r-- 1 root root 13299 Jul 8 2020 /usr/share/dbus-1/system.d/org.freedesktop.login1.conf

-rw-r–r-- 1 root root 13299 Jul 8 2020 /snap/core18/1932/usr/share/dbus-1/system.d/org.freedesktop.login1.conf

-rw-r–r-- 1 root root 13299 May 3 2020 /snap/core18/1885/usr/share/dbus-1/system.d/org.freedesktop.login1.conf

But the anwser:
org.freedesktop.login1.conf is wrong…

Anybody an idea?

Found the anwser myself → Forgot the k by the -size flag → find / -type f -name *.conf -size +25k -size -28k -newermt 2020-03-03 -exec ls -al {} ; 2>/dev/null

The outcome is one file which is correct!

Hello. I am having a similar problem.
I am firstly unclear if this is to be run on the pwnbox or the target as I get different results for each, however, neither result is correct.
the command I am running is:
find / -type f -name *.config -newermt 2020-03-03 -size +25k -size -28k 2>/dev/null
On the target machine I get nothing back, on the pwnbox I get one file back but when I submit that it is wrong. I should mention I have submitted the file name and the full path for the pwnbox result and both are not accepted.

Disregard please. My session timed out and when I reconnected it worked. This was on the target machine in case anyone else ever has that question.

Any help would be appreciated.