Lab 8.1: Shell Navigation Scavenger Hunt

~75 minutes. Navigate a provided sample filesystem; find specific files using find and ls; build a pipeline to filter and count log entries.


Goal: navigate a Unix filesystem from the command line, locate files using find, read file contents with cat, and build a grep-based pipeline to count log entries.

Estimated time: 75 minutes

Prerequisites: Week 8 lecture (navigation commands, grep, pipes)


Setup

mkdir -p ~/fnd-101/lab-8-1
cd ~/fnd-101/lab-8-1

Create the sample directory tree for this lab:

# Create the tree
mkdir -p sample/{docs,logs,scripts,data}
echo "Annual Report 2024" > sample/docs/annual-report.txt
echo "Budget Q1 2024" > sample/docs/budget-q1.txt
echo "secret password: do not commit" > sample/docs/.hidden
# Single quotes here: inside double quotes, "!" triggers history expansion in interactive bash
echo '#!/bin/bash' > sample/scripts/backup.sh
echo "db backup routine" >> sample/scripts/backup.sh

# Create a sample log file with varied content
cat > sample/logs/access.log << 'EOF'
192.168.1.100 GET /index.html 200
10.0.0.5 GET /about.html 200
192.168.1.100 POST /login 401
192.168.1.100 POST /login 401
10.0.0.7 GET /admin 403
192.168.1.100 POST /login 200
10.0.0.5 GET /dashboard 200
192.168.1.255 GET /etc/passwd 404
10.0.0.7 GET /admin 403
192.168.1.100 GET /dashboard 200
192.168.1.100 GET /api/data 200
10.0.0.5 GET /logout 200
EOF

echo "results placeholder" > sample/data/results.csv

Part A: Navigation and listing

Complete each task and record the command you used:

  1. From ~/fnd-101/lab-8-1, list the contents of sample/ in long format (showing permissions, size, date). Command: ls -la sample/

  2. List all files in sample/docs/, including hidden files. What hidden file do you find?

  3. Print the contents of sample/logs/access.log. How many lines does it have? (Use wc -l.)

  4. Navigate to sample/scripts/. What is the current directory after cd sample/scripts/? Use pwd to confirm.

  5. From inside sample/scripts/, navigate up two levels (to lab-8-1). What single command gets you there?


Part B: Finding files

Use find to answer each question. Record the exact command and its output.

  1. Find all .txt files anywhere under sample/. Command: find sample/ -name "*.txt"

  2. Find all files (not directories) under sample/. Command: find sample/ -type f

  3. Find any file whose name starts with a dot (hidden file). Hint: find sample/ -name ".*"

  4. Find all files larger than 0 bytes. Hint: find sample/ -type f -size +0c (c = bytes)


Part C: Pipeline -- filter and count log entries

Use the sample/logs/access.log file for all tasks.

  1. Count how many requests returned a 401 status:

    grep "401" sample/logs/access.log | wc -l
    
  2. List all unique IP addresses in the log:

    awk '{print $1}' sample/logs/access.log | sort | uniq
    

    (Note: awk '{print $1}' prints the first field on each line. If awk is unfamiliar, you can use cut -d' ' -f1 instead.)

  3. Count how many requests the IP 192.168.1.100 made:

    grep "192.168.1.100" sample/logs/access.log | wc -l
    
  4. Find the line that looks like a path-traversal attempt (a request for /etc/passwd):

    grep "/etc/passwd" sample/logs/access.log
    

    This is what a naive log search for malicious requests looks like. Note the IP address of the requester.
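
The field-exact form of the Part C counts, as an added example that is not part of the original lab: grep "401" and grep "192.168.1.100" match those characters anywhere on a line, so a path such as /items/1401 or a query string containing the IP inflates the count. The log lines and the function names (sample_log, naive_count, field_count, failed_by_ip) are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not part of the lab. Log format as in the lab: IP METHOD PATH STATUS

# Constructed sample lines (not the lab's access.log).
sample_log() {
cat <<'EOF'
192.168.1.100 POST /login 401
192.168.1.100 POST /login 401
10.0.0.40 GET /items/1401 200
10.0.0.5 GET /proxy?host=192.168.1.100 200
192.168.1.100 POST /login 200
10.0.0.7 POST /login 401
EOF
}

# Naive: counts every line containing the pattern anywhere
# (grep also treats each "." as "any character").
naive_count() { grep -c -- "$1"; }

# Field-exact: counts lines whose field number $1 equals the string $2.
# Appending "" forces a string comparison in awk.
field_count() {
  awk -v f="$1" -v v="$2" '($f "") == (v "") { n++ } END { print n + 0 }'
}

# Failed logins (status 401) per client IP, highest count first, as "COUNT IP".
failed_by_ip() {
  awk '$4 == "401" { print $1 }' | sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

echo "status 401, naive grep:   $(sample_log | naive_count 401)"
echo "status 401, field 4 only: $(sample_log | field_count 4 401)"
echo "IP, naive grep:           $(sample_log | naive_count 192.168.1.100)"
echo "IP, field 1 only:         $(sample_log | field_count 1 192.168.1.100)"
echo "401 responses per IP:"
sample_log | failed_by_ip
```

To run the same checks on the lab's log, redirect it in, for example field_count 4 401 < sample/logs/access.log.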


Expected output / artifact

lab-8-1-transcript.txt with:

  • The commands you used for each Part A task and their output
  • The commands and output for each Part B task
  • The commands and output for all 4 Part C tasks

Save the transcript:

# Copy/paste your terminal session into the file, or use:
script -a lab-8-1-transcript.txt   # starts recording; type 'exit' to stop
cd ~/fnd-101                       # lab-8-1/ below is relative to the parent directory
git add lab-8-1/
git commit -m "lab-8-1: shell navigation scavenger hunt"

Common pitfalls

  • find glob quoting: find sample/ -name "*.txt" with quotes prevents the shell from expanding * before find sees it. Without quotes, *.txt might expand to an existing file in the current directory and confuse find.
  • Relative vs absolute paths in cd: cd sample/scripts works from lab-8-1; it fails if you are in a different directory. Use pwd frequently to know where you are.
  • wc -l output format: wc -l prints a count and sometimes the filename. The count is the number you want.

Stretch (optional)

Build a pipeline that counts the number of requests per status code in the log. Expected output:

2  401
1  403
...

Hint: the status code is the fourth field on each line: awk '{print $4}' sample/logs/access.log | sort | uniq -c | sort -rn


Lab 8.1 v0.1.