Unix 13
This exercise is one of our challenges to help you learn more about Unix/Linux
In this PentesterLab challenge, you will tackle a scenario where the user root
runs a daily cron job to back up user directories. The backup script uses symmetric encryption to secure the data. However, this method is not ideal because if someone can read the script, they can retrieve the encryption key and decrypt the backup.
You will learn how to locate the cron job in /etc/cron.daily/
, identify the script and its encryption key, and use this information to decrypt and decompress the backup. The challenge emphasizes the need for better security practices, such as using asymmetric encryption and avoiding temporary unencrypted files on the filesystem. By the end of this lab, you will have decrypted the backup and retrieved the necessary key to solve the challenge.