HEY GUYS I NEED HELP CAN OF NEW HERE AM LOST

Type your comment> @Center said:

Help with what?

How the forum works?
How to solve machines?
How to solve challenges?
How to …??

How to solve machines? YES
How to solve challenges? YES
How to get started

I think I can safely assume you are a total beginner at this.

The main focus of HackTheBox is to offer it’s members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.

Each machine has it’s own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.

For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.

Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.

We would prefer the standard locations for the flags:
Windows
user.txt: C:\Users\USERNAME\Desktop\user.txt
root.txt: C:\Users\Administrator\Desktop\user.txt
*nix
user.txt: /home/USERNAME/user.txt
root.txt: /root/root.txt

Hope this helps.

Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.

I would sincerely advise you to watch IPPSEC video’s on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
He explains in great detail and very clearly how to attack a machine. You can learn tons from him.

Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.

1 Like

Type your comment> @Center said:

I think I can safely assume you are a total beginner at this.

The main focus of HackTheBox is to offer it’s members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.

Each machine has it’s own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.

For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.

Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.

We would prefer the standard locations for the flags:
Windows
user.txt: C:\Users\USERNAME\Desktop\user.txt
root.txt: C:\Users\Administrator\Desktop\user.txt
*nix
user.txt: /home/USERNAME/user.txt
root.txt: /root/root.txt

Hope this helps.

Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.

I would sincerely advise you to watch IPPSEC video’s on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
He explains in great detail and very clearly how to attack a machine. You can learn tons from him.

Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.

Thanks Bro I really appreciate it thanks

start with nmap

Type your comment> @peek said:

start with nmap

Can you explain more bro Please

  1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
  2. Luke machine has IP 10.10.10.137
  3. nmap 10.10.10.137 (for a quick scan)
  4. then watch some videos for more details

Type your comment> @peek said:

  1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
  2. Luke machine has IP 10.10.10.137
  3. nmap 10.10.10.137 (for a quick scan)
  4. then watch some videos for more details

ok thanks bro for the head start

@peek said:

  1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
  2. Luke machine has IP 10.10.10.137
  3. nmap 10.10.10.137 (for a quick scan)
  4. then watch some videos for more details

Are You on Whatsapp???

no whatsapp.
try to read some posts in the forum, there are threads for the newbies.

Type your comment> @peek said:

no whatsapp.
try to read some posts in the forum, there are threads for the newbies.

Thanks bro let me check i really appreciate it

Just read some write ups in the specific forum to see how HTB works.

What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.

Type your comment> @Dutch said:

What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.

Only web design be can of new to the hacking field

If you guys can point me to the right direction i can learn fast

And thanks to @peek is been teaching me alot of stuff

I really loved the courses by Zaid Sabih on Udemy, both “Learn Ethical Hacking From Scratch” and “Learn Website Hacking / Penetration Testing From Scratch” may be of interest

There’s also the CyberMentor on Youtube who made a complete beginner series with almost everything you might need: Zero to Hero Pentesting: Episode 1 - Course Introduction, Notekeeping, Introductory Linux, and AMA - YouTube

Type your comment> @x41 said:

There’s also the CyberMentor on Youtube who made a complete beginner series with almost everything you might need:

Thanks

1 Like

@WillIWas said:
I really loved the courses by Zaid Sabih on Udemy, both “Learn Ethical Hacking From Scratch” and “Learn Website Hacking / Penetration Testing From Scratch” may be of interest

OK bro let me purchase it thanks

First off, you need to learn english.

"If you don’t have functional English, learn it.

Back around 1991 I learned that many hackers who have English as a second language use it in technical discussions even when they share a birth tongue; it was reported to me at the time that English has a richer technical vocabulary than any other language and is therefore simply a better tool for the job. For similar reasons, translations of technical books written in English are often unsatisfactory (when they get done at all).

Linus Torvalds, a Finn, comments his code in English (it apparently never occurred to him to do otherwise). His fluency in English has been an important factor in his ability to recruit a worldwide community of developers for Linux. It’s an example worth following.

If your writing is semi-literate, ungrammatical, and riddled with misspellings, many hackers (including myself) will tend to ignore you. While sloppy writing does not invariably mean sloppy thinking, we’ve generally found the correlation to be strong — and we have no use for sloppy thinkers. If you can’t yet write competently, learn to."

http://www.catb.org/~esr/faqs/hacker-howto.html#skills4

And here’s what: I’ve seen many people who are too lazy to learn english, having tons of information, articles about grammar; when they message me, I usually don’t even know what part of their message I should start reading from, it’s boring to deal with those people.

1 Like