HEY GUYS I NEED HELP CAN OF NEW HERE AM LOST

Hey Guys am kind of new Am really lost don't know what is going on and what to do am just so lost please guys i will really appreciate it if anyone can help or try to explain on how i can get started

Tagged:

Comments

  • Help with what?

    How the forum works?
    How to solve machines?
    How to solve challenges?
    How to ...??

    center

  • Type your comment> @Center said:

    Help with what?

    How the forum works?
    How to solve machines?
    How to solve challenges?
    How to ...??

    yes Bro

  • Type your comment> @Center said:

    Help with what?

    How the forum works?
    How to solve machines?
    How to solve challenges?
    How to ...??

    am f*cking Lost

  • Type your comment> @Center said:

    Help with what?

    How the forum works?
    How to solve machines?
    How to solve challenges?
    How to ...??

    How to solve machines? YES
    How to solve challenges? YES
    How to get started

  • edited June 25

    I think I can safely assume you are a total beginner at this.

    The main focus of HackTheBox is to offer it's members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.

    Each machine has it's own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.

    For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.

    Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.

    We would prefer the standard locations for the flags:
    Windows
    user.txt: C:\Users\USERNAME\Desktop\user.txt
    root.txt: C:\Users\Administrator\Desktop\user.txt
    *nix
    user.txt: /home/USERNAME/user.txt
    root.txt: /root/root.txt

    Hope this helps.

    Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.

    I would sincerely advise you to watch IPPSEC video's on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
    He explains in great detail and very clearly how to attack a machine. You can learn tons from him.

    Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.

    center

  • Type your comment> @Center said:

    I think I can safely assume you are a total beginner at this.

    The main focus of HackTheBox is to offer it's members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.

    Each machine has it's own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.

    For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.

    Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.

    We would prefer the standard locations for the flags:
    Windows
    user.txt: C:\Users\USERNAME\Desktop\user.txt
    root.txt: C:\Users\Administrator\Desktop\user.txt
    *nix
    user.txt: /home/USERNAME/user.txt
    root.txt: /root/root.txt

    Hope this helps.

    Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.

    I would sincerely advise you to watch IPPSEC video's on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
    He explains in great detail and very clearly how to attack a machine. You can learn tons from him.

    Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.

    Thanks Bro I really appreciate it thanks

  • start with nmap

    peek

  • Type your comment> @peek said:

    start with nmap

    Can you explain more bro Please

    1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
    2. Luke machine has IP 10.10.10.137
    3. nmap 10.10.10.137 (for a quick scan)
    4. then watch some videos for more details

    peek

  • Type your comment> @peek said:

    1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
    2. Luke machine has IP 10.10.10.137
    3. nmap 10.10.10.137 (for a quick scan)
    4. then watch some videos for more details

    ok thanks bro for the head start

  • @peek said:
    1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
    2. Luke machine has IP 10.10.10.137
    3. nmap 10.10.10.137 (for a quick scan)
    4. then watch some videos for more details

    Are You on Whatsapp???

  • no whatsapp.
    try to read some posts in the forum, there are threads for the newbies.

    peek

  • Type your comment> @peek said:

    no whatsapp.
    try to read some posts in the forum, there are threads for the newbies.

    Thanks bro let me check i really appreciate it

  • Just read some write ups in the specific forum to see how HTB works.
  • What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.

  • Type your comment> @Dutch said:
    > What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.

    Only web design be can of new to the hacking field
  • If you guys can point me to the right direction i can learn fast
  • And thanks to @peek is been teaching me alot of stuff
  • I really loved the courses by Zaid Sabih on Udemy, both "Learn Ethical Hacking From Scratch" and "Learn Website Hacking / Penetration Testing From Scratch" may be of interest

    WillIWas

  • There's also the CyberMentor on Youtube who made a complete beginner series with almost everything you might need:

    x41

  • Type your comment> @x41 said:
    > There's also the CyberMentor on Youtube who made a complete beginner series with almost everything you might need:

    Thanks
  • > @WillIWas said:
    > I really loved the courses by Zaid Sabih on Udemy, both "Learn Ethical Hacking From Scratch" and "Learn Website Hacking / Penetration Testing From Scratch" may be of interest

    OK bro let me purchase it thanks
  • edited July 7

    First off, you need to learn english.

    "If you don't have functional English, learn it.

    Back around 1991 I learned that many hackers who have English as a second language use it in technical discussions even when they share a birth tongue; it was reported to me at the time that English has a richer technical vocabulary than any other language and is therefore simply a better tool for the job. For similar reasons, translations of technical books written in English are often unsatisfactory (when they get done at all).

    Linus Torvalds, a Finn, comments his code in English (it apparently never occurred to him to do otherwise). His fluency in English has been an important factor in his ability to recruit a worldwide community of developers for Linux. It's an example worth following.

    If your writing is semi-literate, ungrammatical, and riddled with misspellings, many hackers (including myself) will tend to ignore you. While sloppy writing does not invariably mean sloppy thinking, we've generally found the correlation to be strong — and we have no use for sloppy thinkers. If you can't yet write competently, learn to."

    http://www.catb.org/~esr/faqs/hacker-howto.html#skills4

    And here's what: I've seen many people who are too lazy to learn english, having tons of information, articles about grammar; when they message me, I usually don't even know what part of their message I should start reading from, it's boring to deal with those people.

Sign In to comment.