Blog on learning

HackTheBox Recaps


Brief Hack The Box Recaps

I dabbled with HackTheBox (HTB) before getting into abatchy.com’s “How to prepare for PWK/OSCP, a noob-friendly guide”. I am only using freebies for now at the Starting Point level. I stopped at the retired Vaccine box in Tier 02: Very Easy. A box is a retired server with flags somewhere inside. Flag.txt would usually contain a hash that looks something like 0kljafa9w8ej9SDEfhwi34n9AFSd. My mentor doesn’t recommend spending too much time on HTB, since it promotes brute-force and many other tools that are not allowed in the OSCP field.

HTB is like a puzzle. I am amused when a box claims to be “Very Easy” because it is definitely not for beginners or complete noobs. Using walkthroughs is a must. I would go back and redo these boxes without walkthroughs. I feel that it’s good to know what black hat hacking (black hat = unethical hacking) is about. It might help people who aspire to work in cybersecurity to know their opponents.

For OSCP, I would think it is all about gaining access without using unethical tools. NMAP.org is ALWAYS the first thing to do when given an IP address. My mentor says to get skilled with enumeration and then everything becomes easier. Enumeration means information gathering, trying to find as many different attack vectors as possible.

I am debating whether I should do the HTB recaps blog thoroughly because it is time-consuming and I just want to get ahead on studying for OSCP. I already did notes on HTB in MS Excel and Obsidian. I used to be a QA tester and heavily relied on MS Excel for test cases. I think I’ll just copy and paste the MS Excel notes for each box that I have done so far.

What did I use for HTB

  • a virtual machine with the Kali distro installed, on my MacBook Pro laptop with an M1 chip
    • https://youtu.be/FGXpf8svDmc
  • either Obsidian/MS Excel/anything to take notes
  • YouTube with walkthroughs

Freebies in the Starting Point

Tier 0: Very Easy


Tier 1: Very Easy


Tier 2: Very Easy


I stopped at Vaccine, and didn’t include Oopsie in the MS Excel

Going further into HTB boxes, it gets harder and it becomes more than just one flag per box. MS Excel is not great for putting down notes and it gets messy. Higher levels require me to use more than a couple of terminals. Sometimes I jump over to the browser and venture in there. That is not easy to explain or note down in MS Excel. I use Obsidian now and it is much easier to organize and note down. I would use this blog but it would take a lot of time. One day I will publish my Obsidian online. I gotta get back to Linux Journey.
