A rogue hacker group called "Shadow Syndicate" has infiltrated CyberTech Corporation's Linux servers. They've locked out legitimate users and are attempting to steal classified data.
Your mission: Secure the Linux server by setting up proper user accounts, groups, and permissions before the data breach occurs.
⏰ TIME LIMIT: 30 MINUTES
You'll need to master Linux user management to save the company. Are you ready?
📋 MISSION OBJECTIVES:
✓ Phase 1: Reconnaissance - Explore the system (5 min)
✓ Phase 2: User Creation - Set up security team accounts (8 min)
✓ Phase 3: Group Formation - Organize users into teams (7 min)
⚠️ CRITICAL: You must have Kali Linux (or any Linux distribution) running. Open your terminal NOW!
🕵️ PHASE 1: RECONNAISSANCE
You've successfully connected to the compromised server. First, we need to understand who you are in the system and what users currently exist.
Shadow Syndicate's Last Known Activity: 5 minutes ago
TASK 1.1
Identify Yourself
Before we do anything, we need to know who we're logged in as. This is basic security protocol.
COMMAND TO EXECUTE: whoami
💡 What This Does:
The whoami command tells you your current username. In a compromised system, you always verify your identity first!
💭 HINT: Type the command exactly as shown and press Enter. You should see your username (probably "kali").
TASK 1.2
Find Your Location
Now we need to know where we are in the file system. Every command you run happens in a specific directory.
COMMAND TO EXECUTE: pwd
💡 What This Does: pwd stands for "Print Working Directory". It shows your current location in the file system. You're probably in /home/kali which is your home base.
TASK 1.3
Scan for Existing Users
Intel suggests Shadow Syndicate may have created backdoor accounts. Let's investigate the user database.
COMMAND TO EXECUTE: cat /etc/passwd
💡 What This Does:
This displays the entire user database. Every line represents one user account. Don't panic at the long list - most are system accounts, not humans!
💭 SCANNING TIP: Look for entries with UID 1000 or higher - those are usually real user accounts. System accounts have lower UIDs (0-999).
TASK 1.4
Find YOUR Account Details
Let's filter that massive list to just see YOUR account information.
COMMAND TO EXECUTE: grep $USER /etc/passwd
💡 What This Does: grep searches for specific text. $USER is a variable containing your username. So this finds just YOUR line in the passwd file.
Expected Output Format:
kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh
Decoded:
kali → Username
x → Password (stored elsewhere)
1000 → User ID (UID)
1000 → Group ID (GID)
Kali,,, → Full name/description
/home/kali → Home directory
/usr/bin/zsh → Shell (command interpreter)
TASK 1.5
Check Your Security Clearance
Let's see what groups you belong to. Groups determine what you can access.
COMMAND TO EXECUTE: groups
💡 What This Does:
Shows all the groups you're a member of. If you see "sudo" in the list, congrats - you have admin powers!
🎯 PHASE 1 COMPLETE! You've successfully performed reconnaissance. You now know how to identify users, check your location, and view system information. Ready for Phase 2?
👥 PHASE 2: USER CREATION
Intel update: We need to create secure accounts for our security response team immediately. The team consists of three agents who will help defend the server.
Meet your team:
Agent Sarah - Security Analyst
Agent Mike - System Administrator
Agent Emma - Network Specialist
TASK 2.1
Create Agent Sarah's Account
Time to create your first user. We need a complete account with a home directory and bash shell.
COMMAND TO EXECUTE: sudo useradd -m -s /bin/bash sarah
💡 Breaking Down The Command: sudo - "I need admin powers for this" useradd - "Create a new user" -m - "Make a home directory" (/home/sarah) -s /bin/bash - "Give them bash shell" (so they can use terminal) sarah - The username
💭 HINT: When you type sudo, it'll ask for YOUR password (not Sarah's). This proves you have authorization to create users.
TASK 2.2
Verify Sarah's Account
Always verify your work! Let's confirm Sarah exists in the system.
COMMAND TO EXECUTE: grep sarah /etc/passwd
💡 What You Should See:
A line showing: sarah:x:1001:1001::/home/sarah:/bin/bash
Notice the UID is 1001 (next available number after yours).
TASK 2.3
Set Sarah's Password
A user account without a password can't login! Let's secure Sarah's account.
COMMAND TO EXECUTE: sudo passwd sarah
💡 What Will Happen:
The system will ask you to type a password for Sarah (you won't see what you type - that's a security feature). Then it'll ask you to type it again to confirm.
💭 REMEMBER: For practice, use a simple password like "sarah123" (in real life, use strong passwords!). Write it down - you'll need it later.
TASK 2.4
Create Agent Mike's Account
Now you know the drill! Create Mike's account using the same process.
COMMAND TO EXECUTE: sudo useradd -m -s /bin/bash mike sudo passwd mike
💭 TIP: Use a simple password like "mike123" for practice.
TASK 2.5
Create Agent Emma's Account
Last team member! Create Emma's account.
COMMAND TO EXECUTE: sudo useradd -m -s /bin/bash emma sudo passwd emma
TASK 2.6
Test Login as Sarah
Let's verify Sarah can actually login. We'll switch to her account temporarily.
COMMAND TO EXECUTE: su - sarah
💡 What This Does: su means "Switch User". The - means "start a fresh login session". It'll ask for Sarah's password (the one you just set).
WHILE LOGGED IN AS SARAH: whoami (should show "sarah") pwd (should show "/home/sarah") exit (to go back to your account)
💭 IMPORTANT: Don't forget to type exit to switch back to your account!
🎯 PHASE 2 COMPLETE! You've created three user accounts, set passwords, and tested login. Your security team is ready! Time to organize them into groups.
🛡️ PHASE 3: GROUP FORMATION
Shadow Syndicate is attempting to access classified files. We need to organize our agents into security groups so they can work together and share access to protected resources.
THREAT LEVEL: ELEVATED
TASK 3.1
Create the Security Team Group
First, we need to create a group that will contain all our security agents.
COMMAND TO EXECUTE: sudo groupadd securityteam
💡 What This Does:
Creates a new group called "securityteam". This group doesn't have any members yet - it's just an empty container ready to hold users.
TASK 3.2
Verify the Group Exists
Let's check that our security group was created successfully.
COMMAND TO EXECUTE: grep securityteam /etc/group
💡 What You Should See:
securityteam:x:1001:
The last field is empty because no members have been added yet.
TASK 3.3
Add Sarah to Security Team
Time to recruit our agents into the security team group.
COMMAND TO EXECUTE: sudo usermod -aG securityteam sarah
💡 Breaking It Down: usermod - "Modify a user's properties" -aG - "Append to Group" (CRITICAL: don't forget the 'a'!) securityteam - The group name sarah - The user to add
⚠️ WARNING: Always use -aG together! If you just use -G without the a, you'll remove Sarah from all her other groups. That's bad!
TASK 3.4
Add Mike and Emma
Now add the remaining team members to the security group.
COMMANDS TO EXECUTE: sudo usermod -aG securityteam mike sudo usermod -aG securityteam emma
TASK 3.5
Verify Team Roster
Let's confirm all three agents are in the security team.
COMMAND TO EXECUTE: grep securityteam /etc/group
Expected Output:
securityteam:x:1001:sarah,mike,emma
Decoded:
All three agents are now members of securityteam!
TASK 3.6
Create Shared Operations Folder
The security team needs a shared workspace where they can collaborate.
COMMAND TO EXECUTE: sudo mkdir /home/security_ops
💡 What This Does:
Creates a new directory at /home/security_ops that will serve as the team's shared workspace.
TASK 3.7
Assign Group Ownership
Now let's make the securityteam group the owner of this folder.
COMMAND TO EXECUTE: sudo chgrp securityteam /home/security_ops
💡 What This Does: chgrp means "Change Group". This sets the folder's group owner to "securityteam".
TASK 3.8
Set Group Permissions
Final step: Give the security team full access to their shared folder.
COMMAND TO EXECUTE: sudo chmod 770 /home/security_ops
💡 Permission Breakdown: 770 means: 7 (first digit) = Owner has rwx (read, write, execute) 7 (second digit) = Group has rwx (read, write, execute) 0 (third digit) = Others have nothing (complete lockout)
💭 WHAT THIS MEANS: Only members of securityteam can access this folder. Everyone else is locked out. Perfect for keeping Shadow Syndicate away!
TASK 3.9
Test Team Access
Let's verify Sarah can access the security operations folder.
COMMANDS TO EXECUTE: su - sarah cd /home/security_ops touch sarah_report.txt echo "Security sweep complete" > sarah_report.txt ls -l exit
💡 What You Just Did:
1. Switched to Sarah's account
2. Entered the security_ops folder (SUCCESS!)
3. Created a report file
4. Added content to it
5. Listed files to see your work
6. Returned to your account
🎯 PHASE 3 COMPLETE! Your security team is organized and has a secure shared workspace. Shadow Syndicate can't touch this folder! Ready for the final phase?
🔒 PHASE 4: PERMISSION LOCK
⚠️ CRITICAL ALERT ⚠️
Shadow Syndicate has been detected attempting to access classified files! We need to immediately secure sensitive documents with proper permissions.
This is the final defense line. Get the permissions right, or the data breach succeeds!
TASK 4.1
Create Test Files
First, let's create some files to practice securing.
COMMANDS TO EXECUTE: cd ~ mkdir security_training cd security_training touch public_info.txt touch secret_data.txt touch backup_script.sh
💡 What You Created:
• public_info.txt - Information that can be viewed by anyone
• secret_data.txt - Classified data (only you should access)
• backup_script.sh - A script file that needs to be executable
TASK 4.2
Examine Current Permissions
Let's see what permissions these files currently have.
COMMAND TO EXECUTE: ls -l
You Should See Something Like:
-rw-r--r-- 1 kali kali 0 Nov 10 14:30 backup_script.sh
-rw-r--r-- 1 kali kali 0 Nov 10 14:30 public_info.txt
-rw-r--r-- 1 kali kali 0 Nov 10 14:30 secret_data.txt
Decoding -rw-r--r--:
- = Regular file
rw- = Owner can read and write
r-- = Group can only read
r-- = Others can only read
⚠️ SECURITY ISSUE DETECTED: Everyone can read secret_data.txt! This is a vulnerability. Also, backup_script.sh can't be executed yet.
TASK 4.3
Secure the Secret File
Make secret_data.txt readable and writable ONLY by you. Total lockdown!
TRY THESE: chmod g-r test_permissions.txt # Remove read from group ls -l test_permissions.txt chmod o+w test_permissions.txt # Add write for others ls -l test_permissions.txt chmod a-x test_permissions.txt # Remove execute from all ls -l test_permissions.txt
TASK 4.7
Final Security Sweep
Let's review all the files and their security status.
Let's prove that your security works by testing from Sarah's account.
COMMANDS TO EXECUTE: su - sarah cat /home/kali/security_training/secret_data.txt
💡 Expected Result:
PERMISSION DENIED! Sarah can't read your secret file. The security works!
NOW TEST PUBLIC FILE: cat /home/kali/security_training/public_info.txt exit
💡 Expected Result:
SUCCESS! Sarah CAN read the public file. Permissions are working perfectly!
🎯 PHASE 4 COMPLETE! You've successfully secured all sensitive files with proper permissions. Shadow Syndicate cannot access protected data!
🎉 MISSION ACCOMPLISHED! 🎉
⚡ THREAT NEUTRALIZED ⚡
Excellent work, Agent! Thanks to your swift actions:
✅ All security team accounts created and operational
✅ Group-based access control implemented
✅ Sensitive files secured with proper permissions
✅ Shadow Syndicate's access attempts blocked
The server is now secure. CyberTech Corporation's data is safe!
USERS CREATED
3
Sarah, Mike, Emma
GROUPS FORMED
1
Security Team
FILES SECURED
4+
All Classified Data
TIME USED
--:--
Out of 30:00
🎓 SKILLS MASTERED:
✓ Linux terminal navigation
✓ User account creation
✓ Password management
✓ User switching (su command)
✓ Group creation and management
✓ Group membership control
✓ File permission codes (644, 755, 600)
✓ Symbolic permission changes
📚 KEY COMMANDS YOU NOW KNOW:
User Management:
sudo useradd -m -s /bin/bash username # Create user
sudo passwd username # Set password
su - username # Switch user
whoami # Check current user
groups username # Check group membership
Group Management:
sudo groupadd groupname # Create group
sudo usermod -aG groupname username # Add user to group
grep groupname /etc/group # View group members
Permissions:
chmod 644 filename # Set numeric permissions
chmod u+x filename # Add execute for user
chown user:group filename # Change ownership
ls -l # View file permissions