Critique my learning methodology

Hi guys,

I have recently been developing an interest in infosec, and just learning in general, and also got introduced to the HTB platform. I’m sure the question that underlies my question has been asked a million times on forums like these, i.e. “what is the best/quickest way to learn hacking?”

That is not what I intend to ask though, as I’ve come to realize that there are a diverse array of areas/topics that you need to become quite familiar with, like networking, basics of various OSes and how they work, some programming knowledge, etc. So I’m going to tell you what my current learning methodology or approach is, and ask you to tell me if I’m on the right track, if there’s anything you would recommend I change, recommend I do more, or less of, etc.

Every day I try and dedicate an hour to learning in this area. Sometimes it turns out to be more, sometimes less, but consistency is key.

My main focus in this hour, because I think too little hands-on practical application with too much focus on intellectual learning-like-a-robot leads to losing motivation too quickly, is on doing HTB machines. And I do it like this:

  • I first try and exploit the box myself. I apply whatever knowledge I have to try and get as far as I can without looking at any write-up or walkthrough like material.
  • Once I get to the point that I have no clue how to progress, I turn to a write-up, looking for the ones that are as detailed as possible, and with as many different attack-vectors explained as possible. I tend to favor those that explain quick hacks, like using msf, just loading an exploit, a payload, and typing “run,” but then ALSO explains manual exploitation methods, as well as how and why they work.
  • I will usually only consult the writeup up to a point where I have a few more ideas on where to go from that point (in other words, I’m not stuck anymore), and will then attempt the box without the writeup again, until I get stuck again, and then repeat the process.
  • I make a point of spending time on everything I see/learn in the writeup. If I see a command or tool that I don’t know, I go through tutorial videos of it first apart from the context of the HTB machine I’m attacking, and try to at least gain a high-level understanding of that tool/command and its various options/flags/parameters, and only then go back to what the writeup told me to run. No point in just re-typing a command that someone tells you to run, without actually understanding what it does, right?
  • A few observations of doing it this way - a) it usually, at the moment, doesn’t take me very long to get stuck and have to consult a write-up… I’m hoping the time it takes me to get stuck will become longer and longer as I progress and learn. My thinking is that as I learn with practical experience, that ratio of time spent doing-it-myself VS consulting-writeups will start swinging the other way. b) It takes me a VERY long time. I’ve been busy with Lame, as an example, for over a week now, just going through as many quality writeups as I can, trying to apply what I’ve learned the previous days without having to consult the writeups I referenced before, trying different attack vectors, etc. Again, I’m hoping the total time it takes me on each box will also decrease as I gain practice and knowledge. But, again, no point in just typing what I see in a tutorial, gaining entry in 5 minutes, and then moving on to the next box if I haven’t at least learned everything I could from that box, right?
  • Once I’ve exhausted every bit of knowledge and practice I could get out of a box, I would then try and gain access again from scratch to that box without consulting any writeup, while at the same time doing a writeup while I go. Often, this will just look like whatever the other guys already wrote in their writeups, but I find this helps solidify what I’ve learned in my own mind, making it easier to understand as well as remember when I have to apply it again in future boxes.
  • While the above is my main focus, because I like the practical aspect of learning, I also spend my hour of learning every now and then on a udemy or youtube training course by the likes of IPPSec, The Cyber Mentor, HackerSploit, etc. I find that, because practical application is my main focus, when I do watch through an hour of intellectual brain dumps like this, I tend to relate more to what is taught and grasp the concepts quicker, than if I just sat and watched hours of training material without actually getting the hands-on practice as well.

Apologies for the long post, but I want to make sure I get the most value out of the time spent trying to learn this. I’m over 40 right now, and tend to feel slightly discouraged and demotivated because I’ve lost so much time that I could have learned all this stuff. So as to not give up, my main goal is just to be as efficient as possible in the learning process.

This field is massive. Like… endlessly massive.
You pretty much can’t learn it all. You can try for sure though.

I started about 1.5 years ago maybe more now, not sure. I can tell you this…
At first everything is exciting and new. You learn pretty fast it’s exciting and fun.
Over time you start learning a pretty solid set of tools to go around hacking with.
You’ll get to a point where you hit a wall. It will seem like a huge wall that you are like wtf do I do? This is such a giant wall. Over time though, with persistence and dedication you’ll pass that wall and go on learning again.

I find that this repeats. I’ll learn a lot, or lol think I’ve learned a lot then turn around and just hit this massive wall.

The point of this little info blob… stick with the ■■■■. Do what you enjoy and what interests you and just keep tinkering. When you hit those walls of aids, just keep fucking going. Suck it up and push into the uncomfortable learning areas of the unknown.

Don’t be afraid of the harder ■■■■ that blows your mind.

Also, I’ve done about 350-400 boxes over multiple platforms now (including my own labs). I’ve caught myself developing some pretty shitty habits from the CTF, gamified aspects of some of these. Keep in mind what these are and use them as that. Try not to pick up these habits, or at least be aware of them developing and question them.

It’s cost me my OSCP twice now. Kicking myself after when I look back and see what I did and what probably would have worked.

Learn the methods. Learn as many as you can. It’s little by little you make it to the top of the mountain.

Oh… PS…

Don’t rush. Take your time and enjoy the journey.
You’ll burn yourself out pushing too hard or too fast and it’s just going to take time. Slow is smooth and smooth is fast. At least that’s what the army always said :wink: I think it holds true here.

@PrivacyMonk3y :

Made some really good points!

This field is massive. Like… endlessly massive.
You pretty much can’t learn it all. You can try for sure though.

100% agree with this. No one person can ever know it all. You can know a lot though and if you have a continuous learning mindset, it becomes enjoyable to constantly be picking up new things.

The point of this little info blob… stick with the ■■■■. Do what you enjoy and what interests you and just keep tinkering. When you hit those walls of aids, just keep fucking going. Suck it up and push into the uncomfortable learning areas of the unknown.

^^^ Awesome advice ^^^

Also, I’ve done about 350-400 boxes over multiple platforms now (including my own labs). I’ve caught myself developing some pretty shitty habits from the CTF, gamified aspects of some of these. Keep in mind what these are and use them as that. Try not to pick up these habits, or at least be aware of them developing and question them.

This is a great point, often overlooked by people. CTFs have a “gameplay” which is different from the real world. You can be successful at a CTF simply by knowing how the game works.

Agree to all of the above.

I started in March 2020 last year, and to start with I was spending a huge amount of time on rooting the boxes. I still remember I did the Nest box and then moved on to the next one; however, I didn’t know that I had to submit flags and I wasn’t documenting anything at all.
So I had to basically root 3 boxes again just to get the flags.

Information started flowing really well for me and, apart from an angry wife, all was going well.
Then I got busy at work so I couldn’t keep up with it at all, and I kind of stopped. It’s only this month I have started to look into boxes again. However, I am finding a major gap in my knowledge. I haven’t forgotten anything, but the progress is slow; my CherryTree documentation is helping me though.

On another note, learning is a must and I have quite a few weak points which I am wanting to fill in, i.e. buffer overflows and reverse engineering for complicated stuff; I still struggle with those.

For me, pentesting is a hobby when I get some time. I enjoy it and, at the same time, the knowledge I gain from it helps me with my IT job anyway.

I have decided and scheduled a calendar entry in my diary to spend 30 mins Mon-Fri each week on pentesting, so I may start on a box and complete it in a week.

Good luck and keep on learning. I do like ippsec videos and watch them quite a lot for clarification of concepts alongside other resources.

No need to feel discouraged; learn at your own pace and forget the competition bit.
Also, it’s good to take time out, have fun with family and beat your kids on PlayStation :smiley:

I’m in a situation like this, over 100 boxes here on HTB and hitting wall after wall.

“Alice: Would you tell me, please, which way I ought to go from here?
The Cheshire Cat: That depends a good deal on where you want to get to.
Alice: I don’t much care where.
The Cheshire Cat: Then it doesn’t much matter which way you go.
Alice: …So long as I get somewhere.
The Cheshire Cat: Oh, you’re sure to do that, if only you walk long enough.”
― Lewis Carroll, Alice in Wonderland