Jump to content
Sign in to follow this  
sunjester

[sunjester tuts] Getting Started with HackTheBox

1 post in this topic

Offline

Introduction
HackTheBox (HTB) is a very well known and excellent place to hone and sharpen your skills as a hacker and reverse engineer (cracker). Like all the other tutorials by me (and my team, Square Software), this will be focused on using, installing and working in Ubuntu (a Debian based Linux).

Invite Code
To join this marvelous network of VPN's and become a great hacker and make some new friends (and enemies) you will need need an invite code. This invite code is hacked and not given (although I'm sure you can Google for it). I suggest trying to find it for yourself, otherwise, you're not really becoming a hacker. It's simple, just look around, poke, read, etc.

OpenVPN
You will need to install OpenVPN if it's not already installed.

(xenial)[email protected]:$ sudo apt-get install openvpn

Starting OpenVPN with Credentials
You can visit the Access page to get your credentials for signing into the HTB OpenVPN. On this page you will see two sections, the one on the right gives a description on how to initiate the connection to HTB and a file to download and use with OpenVPN. You should be able to visit this link and get your connection file (after you have logged in). Once you log in, refresh the stats box on the left of the access page and you should now see a green check next to the "Connected" setting.

FDGk85Q.png

Your First Box
On the left hand side, in the menu, there is a link that says machines. Under this link you will see a list of machines that are active, retired, unreleased, etc. Click on the Active link to get a list of machines you can currently hack. If you are a beginner you will want to look for difficulties where the green is in the front, if you are more advanced, the red in the back of the graph are for you.

avUBADT.png

Let's start with the one called Active (which may not be in the list when you are reading this), but it's in the image above. You can see that it's IP is 10.10.10.100. Just like in a real-world scenario, let's find some open ports with nmap. We already know it's a Windows machine from looking at the stats in the list. Below is my first go-to scan for finding initial ports and information about a server.

(xenial)[email protected]:~$ nmap -sV -vv 10.10.10.100


fienjMM.png

What to Do
So what exactly are you supposed to do? You pwn the box, that's it. When you have root/admin access you will go back to HTB and click on the machine you are inside, in our case it's called Active.  At the top of the graph you will see a few boxes, one says Own User and another says Own Root. Clicking on one of these will open a modal window with instructions.

3YXTSre.png

  • Like 1

Share this post


Link to post
Share on other sites

Your content will need to be approved by a moderator

Guest
You are commenting as a guest. If you have an account, please sign in.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

×   Your link has been automatically embedded.   Display as a link instead

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

About us

3rdWorld.cc is a cracking forum community that suits the purpose of everyone. We offer paid program for free, cracking tools, combolists, marketplace and many more. You can also expand on knowledge and participate in active discussions.

×