Best Way to Progress ON HTB if you Work! 5 days in IT

I work in infrastructure Department more like networking windows Linux servers etc.

it is very hard to use some time work network because it blocks most of the proxy or vpn access to other networks , Also usually you can’t be doing some thing that is not part of work.

There for i came up with solution my be it will help full to those who want to do OSCP like me and also want to practice HTB any where,

so this was my fix i bough second hand!
Nexus 6 – The Nexus 6 is a true “Phablet”, featuring a 2.7 Ghz quad core CPU and 3GB of ram coupled with a 6″ display. The most powerful NetHunter device you can get that will still fit in your pocket.

then installed

set it all up. and i use my phone as wifi. Then Enumerate 3-4 Boxes on my way to work takes me 1 to get to work and get back! so i do all my enumerations using nexus 6 with kali nethunter installed. well i can do pretty much every thing that i can do on my kali linux BOX at home! except the Graphical interface staff like burp etc but any thing that using terminal…

that being said once i get home i start doing things that i could not do on my nexus. usually because of this i progress fast and i learned a lot.

it is very handy because you safe alot of time sitting front of computer when you home especially if you have family an other things that are personal.

with nexus 6 i was able to do HTB practice pretty much anywhere there internet wifi. and if there no wifi i just use my main phones hotspot. wifi.

i think you should all check out. it is small device and very very convenient.
you can progress any where especial if you plan on working in security and Penetration testing.

i just though i would share with you!.. :slight_smile:

there is a reason why is not very exaggerated or far off the stereotype of people hacking all night :slight_smile: I barely sleep 4 hours at much during the week. I make up for the lack of sleep on the weekends. I find than doing any CTF from work is just a waste of time because I’m not focus, maybe enumeration is ok… but not actual thinking, for this I rather do it at night when everyone is sleeping and nobody bothers me for hours. I tried doing this from work but constants interruptions, just make it to the point Im not doing work right or hacking right. but thats just me, other people have more concentration powers :slight_smile:

@rek2 said:
there is a reason why is not very exaggerated or far off the stereotype of people hacking all night :slight_smile: I barely sleep 4 hours at much during the week. I make up for the lack of sleep on the weekends. I find than doing any CTF from work is just a waste of time because I’m not focus, maybe enumeration is ok… but not actual thinking, for this I rather do it at night when everyone is sleeping and nobody bothers me for hours. I tried doing this from work but constants interruptions, just make it to the point Im not doing work right or hacking right. but thats just me, other people have more concentration powers :slight_smile:

lol you 100% right

but to be honsty i use for enumration because enumration is 90% of the work…

and also reading forums! but yes the only time i can consentrate when i am home but by the time i have idea of what i have to do so i take out the time enumrate etc…

and most enumration and research take the longest by all honsty breaking the box it easy once you have lead from enumration etc… you know what amean

yes this soo adective lol i dont even get time to play games these days cos all i think about breaking things here at HTB :slight_smile:

I use my Nethunter Oneplus One I run the ovpn file from the phone then just ssh into it… The problem is that I can’t visit webpages unless its through the phone but its to ssh into it instead of typing it all on the phone

wonder how long will it take a fairly complicated nmap scan with the lua scripts? how well it does that? you guys may be convincing me to buy a second hand nexus 6 or something on amazon.

well i use nexus 6 and i disabled the android using netthunter but i upgrade to kali linux meaning the chroot is nethunter but every think else kali linux

nmap -p- -sU -sV -T4 takes around 2 minuters to 3 minuters for me to complete

to be honsty it better then laptop for me. that being said right i just was able to get user on fighter using nexus 6 only!! and about to get root!! i dont about oneplus tho. all i know is that i reconfigred every thing to my liking nexus it not even phone. it more like mini PC :slight_smile: i can do every thing except burp + owszip etc.

meta exploit fully installed too but i try and stay away from metaexploits and use more python base exploits… any thing i can’t do on nexus i just do it at home.

@rek2 said:
wonder how long will it take a fairly complicated nmap scan with the lua scripts? how well it does that? you guys may be convincing me to buy a second hand nexus 6 or something on amazon.

the nexus 6 motorola is the best! out of any other device out there… as far as i know it actually really really good trust me on this… !!! lol i am on bed and i am still tring to crack staff!! no facebook no snapchat no Instegram i quite all of them since i got set up the nethunter :slight_smile:

haha very cool, yeah is a good idea, I may actually go for it. I am a linux user so I dont mind what linux distro as long I can install the tools. I actually pucharsed https://puri.sm/shop/librem-5/ that will come with a custom debian but you can put blackarch on it. but is coming out now in feb of 2019 to long for me to wait :slight_smile: so maybe I get the nexus 6 and put nethunter for a start and see where that leads me.

buy new on or second hand and you unlock crack it install it is lot better and you get good satifaction then one already with lunux from nethunter. cos when you install your self you can castomize it like you want… i use archlinux at home! tho :slight_smile: i get of windows about 2 years ago only use windows for playing games bit adicted to WOW since days one lol.

cool, yeah I love arch, been using blackarch for hacking, you can use windows over KVM/Qemu with a GPU pass thru card, for games works like a charm. KVM is 10000 times better than vmware anyways.

@rek2 said:
cool, yeah I love arch, been using blackarch for hacking, you can use windows over KVM/Qemu with a GPU pass thru card, for games works like a charm. KVM is 10000 times better than vmware anyways.

true that but i broke my arch trying to do KVM/Qemu i have yet to set it up proper but what i did i am ruing bootlct and i have windows and arch on 2 diffrent SSD cards where ill have press f10 to choose which one to boot! ruing on EFI so for windows i chooses boot else archlinux boots automaticaly from bios lol :slight_smile:

top that just rooter FIGHTER ON nexus 6 :slight_smile: yahooooooooo

top Box.

grats!

Tha bro

I used nethunter in exactly the same way in the past for htb. I was once in a cafe in a kids softplay (parenting my two kids ?) when a couple of people saw my screen and though i was H@Xk1nG Da PlaN3t arrrggghhh. Lol
They said they were gonna call the police. Even after i explained what i was doing. They were just too retarded to listen…
I started to worry how it may look if the po po got a hold of my Samsung Note 3 with NetHunter on it.
Anyway however, my actual solution was to switch to using a stock Google Pixel 2 as i wanted a more secure Android device with a good patch cycle. But, i now set up a debian vps on linode and used their network full disk recovery feature to replace the debian with kali.
Now i just use ssh to my kali vps from my phone, laptop, tablet whatever.
I also have an azure windows dev box i use for windows stuff too. I use Microsoft’s RD Client to use the desktop from my pixel.
Its fucking awesome! I thought the touchscreen to mouse movement would be tricky but its super nice to use.
?

i work as devops so i can understand you. when i am not busy usuallyi don’t connect to the htb vpn from work but i do research. what i did for instance this morning has been playing around with an app running on Reddish box (which i enumerate yesterday). i set up a docker container with that and managed to get a reverse shell. i can’t wait to go home and try if it’s gonna work on Reddish as well :slight_smile:

There’s this site called shodan it has lots of free vps on it :scream: (okay joking but your own VPS is a good idea since you can snapshot and it doesn’t matter if they get popped/burned)

amm i dont get how can get to trouble with po po lol… i prefare using nexus 6
i only use home computer if i have to do boxes that i need to use burp or vnc i use my computer else just the nexus… it does most of the work… but there no simcard it just purely for HTB ! i dont like setting up vpn to my home workstations!! i prefare using my phone as internet well main phone and i never connect my work wifi that like asking for trouble lol…

but nice @3mrgnc3
i dint know you can use pixel 2 + to install Kali nethunder! ??

can you link some guides is there any and if so you will have to root the device right?