Brackets?

Please forgive me for the vomit of the mouth that is about to come, I want to start by saying I have no issues with this platform as it is and I love it.

I also understand it is a new platform and that it will take time to build up to a certain level of maturity as a platform.

I’ve had a bunch of discussions with other members of various stances related to box difficulty and the divide between entry level (people who may have never completed a vulnerable virtual machine) versus people who have spent a considerable amount of time developing basic fundamentals. (I believe basic fundamentals should be learned outside of HTB, personally)

This is stressed further by the number of boxes and not topics that go on – especially on reddit. I wake up to 15-20 PM’s a day on reddit requesting help and while most people are okay with just a hint, some are far less clued in as to what they are doing and literally want to be spoonfed.

I propose introduction of brackets to solve the issue of both the divide of easy versus harder difficulty boxes, as well as a more open platform for new comers.

I also believe there is a desire for more pivoting mechanics as well as less retiring of quality machines to make more room for new ones that may or may not match the same difficulty level as those lost.

A lot of people don’t think that there is a need for machines that don’t actively engage creative thinking or difficult concepts to further our individual experiences. However I can see that there is a great portion of the user-base that would perfer to use HTB as a stepping stone into the harder concepts rather than learning with virtual machines they host from vulnhub.

While I don’t agree that HTB needs to cater to this. I enjoy the community as a whole and would like to see it thrive and continue to grow in an organic and constructive manner.

Just my opinion feel free to point out why I’m wrong if I have a misguided interpretation of what it is the platform is intended to be.

At the end of the day this is just an idea to get the ball rolling, it may not be a viable solution due to any number or reasons such as development cost, infrastructure, etc.

Happy Hacking,
dostoevsky

Basic rundown of what I’m talking about:

Brackets{
	"subnets":{
		// Entry network
		// Easy difficulty, tutorials allowed
		// ranked bracket 1
		"10.10.10.0/24":{
			"title":"Entry Level",
			"bracket":1,
			"tutorials":true

		},
		// Only accessible via pivoting from bracket 1
		// Medium Difficulty
		// ranked bracket 2
		"10.10.20.0/24":{
			"title":"Experienced",
			"bracket":2,
			"tutorials":false
		
		},
		// Only accessible via pivoting from bracket 2
		// Hardest Difficulty
		// ranked bracket 3
		"10.10.30.0/24":{
			"title":"Pro Level",
			"bracket":3,
			"tutorials":false
	
		}
	}
}

HallofFame{
	"ranked":{
		// excludes you if you are in a higher bracket
		bracket3:"Top 100 - Pro Bracket"
		// IE: if you are in bracket 3 you won't show up in bracket 2
		bracket2:"Top 100 - Experienced Bracket"
		// excludes you if you are in a higher bracket
		bracket1:"Top 100 - Entry Level"
	}
	"unranked":{
		// open to everyone
		// unranked
		// retired machines
	}

}

Hello! This sounds promising indeed, although with retired machines, tutorials become available at some point. We are thinking of opening more labs for people to learn including tutorials again but will surely take time :frowning:

of course, was just some thoughts. :slight_smile:

interesting :+1:

The only problem with this is what you constitute as being easy might be difficult to others and vice versa. Personally, I’d prefer to see a few more machines that have more exploit dev involved, my own idea is to write a VM with a vulnerable network service (that you have to write the exploit for) and then a custom kernel driver you have to exploit. I would find that quite simple, others might struggle a lot.

On the flip side, the creative thinking around some of the web app boxes on here often stumps me, where others find it extremely logical.

Don’t disagree with that but I think that if you develop a methodology and stick to it you will find yourself to be more successful getting to the end result of a box.

at that point difficulty would be thinking creatively as opposed to default passwords, dirbust failures, etc I would say a custom network service that has to be exploited remotely to gain a shell while it may be easy in theory for someone with experience with exploit development can quickly become difficult if you add in mitigations that have to be accounted for. I would consider that a hard box, whereas something like Mirai would be an easy box.

I don’t think there really is much room for debate that Calamity is hard and Mirai is easy. the middle ground is where things get murky. Is Charon medium or is it hard? Well that depends on your particular experience.

I digress, i do agree that difficulty is subjective, but there are standards even still.

you make a good point about the middle ground actually, I agree with everything you put there

No boxes are easy, ippsec did shocker in 11 minutes, I spent 8 hours. First minutes of shocker, I knew what was the vulnerability in theory, but in practice, I lost time for a little detail. Sometimes it’s not only enumerating, it’s also experience and intuition.

If you took the time to really understand the exploit you were attempting to perform, your enumeration would have been fruitful much sooner. This falls back to my point of:

@dostoevskylabs said:
Don’t disagree with that but I think that if you develop a methodology and stick to it you will find yourself to be more successful getting to the end result of a box.

Happy Hacking

I really like the pivot to more challenging levels aspect of this idea. Pivoting was my favorite part of the oscp labs.

pretty cool idea! I agree with brutus pivoting would be a great addition!

Pivots are cool, but really hard to do in labs with 100+ people due to people stepping on each other. Then when you learn about SShuttle, pivots are a piece of cake. Pivoting through a Windows box is still a royal PITA, but its even more a PITA if your pivoting from that box with 100 other people attacking/pivoting/etc.

I’m not saying its something that won’t happen, it’s definitely on the radar but want to ensure whenever it is done; that it is stable.

Yeah, or you could just use netcat . Thanks for valuing stability over all else, honestly that really is the priority.

I agree with that point Ippsec, it would have to be something that could be implemented without sacrificing the stability of the network as a whole. Woudn’t be much fun otherwise.

dostoevskylabs i have to agree with you on subjectivity of difficulty, it’s totally true :+1: