NCAE Mapping Hub
Overview Scoreboard Data Roles Exercised Checklists Lessons Skill Drills Practice Terminal Progress
performance hard Apply enum-misconfig 2 points

Question 14. CSCD240-E1-B

Find every world-writable regular file under /var (common misconfig indicator).

Work the drill

Answer on paper or in a terminal before revealing the ideal answer.

Ideal answer
find /var -type f -perm -0002 2>/dev/null

Misconception bank

Each row below is a plausible wrong answer, the thinking that produces it, and the remedy that corrects the misconception. These are the foundation of the multiple-choice framing and the targeted feedback a student receives after answering.

find /var -perm 777
Misconception. 777 is an exact match; won't catch files with other bits but world-write also set.
Remedy. -0002 means "world-write AT LEAST"; that's what we want.
grep -r -w /var
Misconception. grep is for file contents, not permissions.
Remedy. Tool selection: find for metadata, grep for contents.

Authority mappings

Hover any chip for the mapping justification; click to open the authority record.

DCWF roles: CE-121 Exploitation Analyst
DCWF tasks: T0250
KU outcomes: CO-M10-O1CO-M9-O2

Course-artifact links

Lectures

  • CSCD240-S26-L03. Files, directories, file command, wildcards, viewing

Lab questions

  • CSCD240-S26-LAB5: grep -i, grep -n, grep -v, grep -c, grep -r on a log file.

CTF challenges

  • 02 Permissions: The Lazy Fix