Hello friends !!
Just decided to start a discussion and say some suggestions for HackTheBox which I think can make our experience better
So I wanted to discuss about 2 things :
- The unfair behavior of some players who change the credentials on a box and make this box unfinishable without a reset .
- The Cron jobs which take too much time to execute (Example: Every 4 minutes) .
1)Basically , i’m part of eu-free lab and on some boxes , Some members change credentials of a key service , that stops our advancement on the box until we reset it (generally 20 points boxes like Jerry or Netmon as they are more accessible by their level) . So my suggestion would be that the author of the machine or a moderator/admin configures a background process or a scheduled task which restores the credentials of the service as they should be (Example : On Jerry , a background process which restores the tomcat-users.xml file as it was then mrh4sh created the box . Of course that process/scheduled task must be secured and out-of-scope in the pwing of the machine ! ) .
- Like I said , I’m part of eu-free lab (I’ll become V.I.P soon ) and on that lab there is many players , and on machines that require to exploit a scheduled task , our payload is often overwritten by others members who are in the same situation as us (trying to abuse the scheduled task) . So my suggestion here would be to reduce the interval of time when the task is executed 2 times (Example : executed every 5 minutes → 1 minutes) as it doesn’t change the scenario of the box just the time we are waiting and reduces the chances to get our custom task overwritten !!
Hope you will take this in consideration and don’t hesitate to discuss about it .