Do you do a machine more than once?

Hey everyone, I just wanted to get peoples opinions on doing machines multiple times.
Once you have finished a machine, do you redo it in order to make sure what you have learnt sticks in your brain, or do you have a bit of a break and then come back and redo the machine?

Or maybe you don’t redo a machine, you just move onto the harder ones.

I want peoples experiences on any of the above options and what worked for you and why.

Thanks in advance.

Don't forget to +respect if I have helped you out at all.

Happy Hacking!

https://www.hackthebox.eu/home/users/profile/135164

Comments

  • Normally Ill redo a machine so i can grab snapshots of what I did. If your trying to understand what you did and why it work is also a good reason.

    If your just there for the flags then there is no reason to redo it
  • I usually try and own machines once around the time they come out or whenever my schedule allows for it, and then replay them around the time they're about to retire and document each step for a writeup.

  • And what stage are you two at? Are you experienced hackers or are you at a beginner level? And do you follow walkthroughs at all? @n2lus @KeyboardCaper

    Don't forget to +respect if I have helped you out at all.

    Happy Hacking!

    https://www.hackthebox.eu/home/users/profile/135164

  • Fully document your first time through a machine. Then review it to look for things you missed, gaps and any way you could have done it better. Revisiting the machine to pull those things will help.

    Also revisit to practice post exploitation activities. Did you find everything on the machine? Did you try and exploit additional items off the main path? (i.e. if a machine issues JWT tokens, can you find the secret and use it to successfully forge your own tokens?)


    OSCP | PMP

  • During my first run through the machine I'll use my writeup structure, but it's really more of a combination rough draft / notes. Once I gain root I'll typically redo the box right away as I'm completing the final draft of my writeup.

    Once my writeup is finished and published I'll read a few other writeups on the box (I don't like to read others before mine is done). Then, if there are different paths I'll go back to the machine and explore those. So yeah I normally do a machine 2-4 times.

  • Personally, I run through a box just to root it initially, taking some light notes along the way. After rooting it, I'll go back and verify each of my steps for future reproduction -- this is for a general means of understanding, but also to provide myself with adequate notes for future writeups.


    Hack The Box
    defarbs.com | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

Sign In to comment.