I’ve completed some write-ups of my solutions for some of the challenges on the HackTheBox pen-testing platform (these will remain password protected with the full flag until the solutions are made public). These won’t be the most sophisticated, elegant or quickest I’m sure, but they follow my learning path and may be of use to others at the same level to compare tactics.
Blunder – Learning points: importance of patching, password reuse vulnerability, privilege auditing, strong passwords and the potential for automated OSINT to recover a password.
HTB Academy – LFI/DT Skill Assessment – Learning points: Local & Remote File Inclusion, PHP Wrappers, Directory Traversal
HTB Academy – Attacking Web Applications with Ffuf – Skill Assessment – Learning points: Fuzzing – Directory, Page, Recursion, SubDomain, vHost, Parameter, Value
What sorts of skills would you recommend learning for someone interested in participating in the HackTheBox challenge? I love looking for vulnerabilities to exploit and I’m looking for an outlet for this fascination that won’t land me in federal prison.
Hey there! You’re absolutely right to look for the legal route – your fascination if properly channelled could lead you to a career in pen testing with fantastic prospects and salary. I’m exactly where you are, fascinated by the concept and just doing my best to learn – primarily so I can understand better how to make my environment more secure.
Depending on your budget, I’d perhaps recommend getting a premium HTB account as it allows you to look at walkthroughs for retired machines (after trying them yourself). I found these really tough to comprehend at first, but once you work through a couple you start to build a pattern of how to scan the machines and get your foothold. I’ve JUST got to the point where I got user/root on a couple of the easy live machines.
HTB is one of the harder sites in my opinion – it’s not very forgiving (don’t get me wrong, it’s a great site!). There are other (free) challenge sites you can cut your teeth on that you may find step you through the learning curve more gradually. There’s a great list here: https://serocu.police.uk/cyber-training/
I’d recommend checking out some of those sites and finding the one(s) presented in the best style to suit you.
I’ve also found setting up my own home lab with a Raspberry Pi, a bootable Kali Linux USB and a Kali virtual machine, plus machines from VulnHub and Metasploitable, is a good, legal environment to learn in (in the UK – please check in your own country) – you learn a lot just setting up the machines and getting the network running.
I read a lot of articles from all over the internet to feed my hobby – some are better than others, some you have to tweak to get working.
The specific skills you need on HTB depend on the machine, but I would suggest initially really exploring tools like nmap and directory/file fuzzing – essentially enumeration. I’m still learning this! Very, very few HTB machines require any form of brute forcing.
Hope that kind of helps – I intend to post some more articles in my pen testing section in the not too distant future, featuring some of the (basic!) tools and techniques I’ve encountered on my journey so far, so do pop back.
And always keep it legal! Best of luck.