HEY GUYS I NEED HELP CAN OF NEW HERE AM LOST

Hey Guys am kind of new Am really lost don’t know what is going on and what to do am just so lost please guys i will really appreciate it if anyone can help or try to explain on how i can get started

Help with what?

How the forum works?
How to solve machines?
How to solve challenges?
How to …??

Type your comment> @Center said:

Help with what?

How the forum works?
How to solve machines?
How to solve challenges?
How to …??

yes Bro

Type your comment> @Center said:

Help with what?

How the forum works?
How to solve machines?
How to solve challenges?
How to …??

am f*cking Lost

Type your comment> @Center said:

Help with what?

How the forum works?
How to solve machines?
How to solve challenges?
How to …??

How to solve machines? YES
How to solve challenges? YES
How to get started

I think I can safely assume you are a total beginner at this.

The main focus of HackTheBox is to offer it’s members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.

Each machine has it’s own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.

For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.

Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.

We would prefer the standard locations for the flags:
Windows
user.txt: C:\Users\USERNAME\Desktop\user.txt
root.txt: C:\Users\Administrator\Desktop\user.txt
*nix
user.txt: /home/USERNAME/user.txt
root.txt: /root/root.txt

Hope this helps.

Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.

I would sincerely advise you to watch IPPSEC video’s on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
He explains in great detail and very clearly how to attack a machine. You can learn tons from him.

Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.

1 Like

Type your comment> @Center said:

I think I can safely assume you are a total beginner at this.

The main focus of HackTheBox is to offer it’s members a chance to practice/learn penetration testing by making self-made machines available which consist of particular vulnerabilities which have to be identified in order to score points.

Each machine has it’s own ranking (easy, medium, hard, insane). These rankings determine how many points you get but also how advanced your exploits and pentesting techniques have to be.

For each machine you get the IP-address of that machine. You have to employ reconnaissance techniques in order to gather information about the machine and figure out one or more attack vectors.

Once you gathered access to the machine in one way or another it should be possible to read the user.txt file which has a standard location on a machine. After gaining user rights the goal is to find further attack vectors in order to escalate privileges from the user to root/admin which is generally the highest privilege on a machine.

We would prefer the standard locations for the flags:
Windows
user.txt: C:\Users\USERNAME\Desktop\user.txt
root.txt: C:\Users\Administrator\Desktop\user.txt
*nix
user.txt: /home/USERNAME/user.txt
root.txt: /root/root.txt

Hope this helps.

Most (?) members use Kali Linux which comes with hundreds of tools which can help you gather information, exploit and escalate through the machines.

I would sincerely advise you to watch IPPSEC video’s on YouTube on easy boxes like Jerry, Lame, Bashed, Poison.
He explains in great detail and very clearly how to attack a machine. You can learn tons from him.

Note: in order to work along IPPSEC you have to have a VIP account in order to complete the boxes mentioned before. They are retired and only accessible if you have a VIP account.

Thanks Bro I really appreciate it thanks

start with nmap

Type your comment> @peek said:

start with nmap

Can you explain more bro Please

  1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
  2. Luke machine has IP 10.10.10.137
  3. nmap 10.10.10.137 (for a quick scan)
  4. then watch some videos for more details

Type your comment> @peek said:

  1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
  2. Luke machine has IP 10.10.10.137
  3. nmap 10.10.10.137 (for a quick scan)
  4. then watch some videos for more details

ok thanks bro for the head start

@peek said:

  1. connect via vpn with openvpn muzec.ovpn (you get it in access menu)
  2. Luke machine has IP 10.10.10.137
  3. nmap 10.10.10.137 (for a quick scan)
  4. then watch some videos for more details

Are You on Whatsapp???

no whatsapp.
try to read some posts in the forum, there are threads for the newbies.

Type your comment> @peek said:

no whatsapp.
try to read some posts in the forum, there are threads for the newbies.

Thanks bro let me check i really appreciate it

Just read some write ups in the specific forum to see how HTB works.

What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.

Type your comment> @Dutch said:

What is your history with computers in general? Do you have experience in networking, system administration, web design, virtualization, or software development? Understanding your previous experience with computers may really help us point you in the right direction of where to start.

Only web design be can of new to the hacking field

If you guys can point me to the right direction i can learn fast

And thanks to @peek is been teaching me alot of stuff

I really loved the courses by Zaid Sabih on Udemy, both “Learn Ethical Hacking From Scratch” and “Learn Website Hacking / Penetration Testing From Scratch” may be of interest