Hey Guys am kind of new Am really lost don’t know what is going on and what to do am just so lost please guys i will really appreciate it if anyone can help or try to explain on how i can get started
Help with what?
How the forum works?
How to solve machines?
How to solve challenges?
How to …??
Type your comment> @Center said:
Help with what?
How the forum works?
How to solve machines?
How to solve challenges?
How to …??
yes Bro
Type your comment> @Center said:
Help with what?
How the forum works?
How to solve machines?
How to solve challenges?
How to …??
am f*cking Lost
Type your comment> @Center said:
Help with what?
How the forum works?
How to solve machines?
How to solve challenges?
How to …??
How to solve machines? YES
How to solve challenges? YES
How to get started
I think I can safely assume you are a total beginner at this.
The main focus of HackTheBox is to offer it’s members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.
Each machine has it’s own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.
For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.
Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.
We would prefer the standard locations for the flags:
Windows
user.txt: C:\Users\USERNAME\Desktop\user.txt
root.txt: C:\Users\Administrator\Desktop\user.txt
*nix
user.txt: /home/USERNAME/user.txt
root.txt: /root/root.txt
Hope this helps.
Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.
I would sincerely advise you to watch IPPSEC video’s on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
He explains in great detail and very clearly how to attack a machine. You can learn tons from him.
Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.
Type your comment> @Center said:
I think I can safely assume you are a total beginner at this.
The main focus of HackTheBox is to offer it’s members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.
Each machine has it’s own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.
For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.
Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.
We would prefer the standard locations for the flags:
Windows
user.txt: C:\Users\USERNAME\Desktop\user.txt
root.txt: C:\Users\Administrator\Desktop\user.txt
*nix
user.txt: /home/USERNAME/user.txt
root.txt: /root/root.txtHope this helps.
Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.
I would sincerely advise you to watch IPPSEC video’s on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
He explains in great detail and very clearly how to attack a machine. You can learn tons from him.Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.
Thanks Bro I really appreciate it thanks
start with nmap
- connect via vpn with openvpn muzec.ovpn (you get it in access menu)
- Luke machine has IP 10.10.10.137
- nmap 10.10.10.137 (for a quick scan)
- then watch some videos for more details
Type your comment> @peek said:
- connect via vpn with openvpn muzec.ovpn (you get it in access menu)
- Luke machine has IP 10.10.10.137
- nmap 10.10.10.137 (for a quick scan)
- then watch some videos for more details
ok thanks bro for the head start
@peek said:
- connect via vpn with openvpn muzec.ovpn (you get it in access menu)
- Luke machine has IP 10.10.10.137
- nmap 10.10.10.137 (for a quick scan)
- then watch some videos for more details
Are You on Whatsapp???
no whatsapp.
try to read some posts in the forum, there are threads for the newbies.
Type your comment> @peek said:
no whatsapp.
try to read some posts in the forum, there are threads for the newbies.
Thanks bro let me check i really appreciate it
Just read some write ups in the specific forum to see how HTB works.
What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.
Type your comment> @Dutch said:
What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.
Only web design be can of new to the hacking field
If you guys can point me to the right direction i can learn fast
I really loved the courses by Zaid Sabih on Udemy, both “Learn Ethical Hacking From Scratch” and “Learn Website Hacking / Penetration Testing From Scratch” may be of interest