#modules

Ok thanks

also on working with web services when I trie to install apache2 it fails because of dependencies is it to test my skill with package management or it is not supposed to do that ?

@spark wyvern first I couldn't install apache 2, but i did it with this command:

Sudo apt install apache2 -y

Idk if you need it

I went sudo su
then apt install apache2 -y it runs but I get dependencies errors

Then try:

Sudo apt update

After this:

Sudo apt install apache2 -y

update upgrade ok thx

Try it

thx

Let me know

yup

Does it work?

XD

Have you install it?

Apache2

not yet need to upgrade first

Ok 👍

Try it

And

ok install apache 2 OK

shokran

enough for today Thanks HTB GREAT tool and thanks community

Yw my friend

I have begun my HTB Academy and I do not understand what the phrase "proof text" means. When I google it references bible passages. There are no bible references on the web page that pops up. Can someone tell what I am supposed to look for to answer this question? "What is the proof text displayed in the Target website you browsed?" I do not want the answer only what "proof text" means... I was told "Proof text is basically your flag" but I do not know what "your flag" is either. Someone please explain I have been stuck on this page all day because I do not understand the terminology, there is no help button
and google does not define it.

The flag is a hash string that you copy past into the answer section to prove that you have completed the challenge. It will be in a txt file or will display on the screen as : Flag: 32432snsdjisn93f902nfi2

Sometimes it will look like HTB{randomhash}

Thank you @sudden summit there is no "flag" mentioned on the webpage. so now I am back to aquare one. What is a "proof text"?

Proof text is the hash.

32432snsdjisn93f902nfi2

something like that ^^

and that should be on every web site?

no. Its for hack the box to show you have completed the task.

Not related to pentesting websites. Its just for the academy questions.

so the answer to the question would be "a hash"?

it may also look like HTB{welldone}

yes. In your answer you need to copy past the flag.

Which is the hash or HTB{}

but i do not know where the hash is

Thast what you need to find. What module are you stuck on?

I'm a noob, the first one.

the fifth page

Spawn the target system in the questions section

then browse to it.

i figured it out!

haha well done.

NICE I NEEDED THIS 🤣

how to receive post request on server-side, given that netcat is not available on target server? Give me a hint ..!!!!

Module: File Transfer
Section: Windows File Transfer

Am I missing some commands available on powershell or do I need to think a broad?

Hi guys i am new to the academy and i started with Windows Fundamentals.. buuut i have a problem Introduction Section. I cant seem to find the ip address of the machine i need to remote desktop to and cant log in in that machine. Can you give any hints how can i do it?

there is a button to press to launch the isntance

what do i need to put in here?

love 😆

i'm just starting Learning Process

Add me to the medium-modules, I am practicing that..!!!

you need an account on hackthebox main site and verify here to access the other channels

if you are tackling medium modules you are capable of creating the htb account 😉

I have created the htb account

What should I do on my account to join medium modules?

ummm someone pls?

@rancid badger read #welcome and follow the instructions

@odd python the flag you get when you are successfully logged in as an admin

Do i need to brute force into this?

Because all i get from instructions is the guest cookie....

I have hackthebox account without subscription, is that a reason?

no - if you read welcome and follow the instructions you will see how to verify

no brute force. play with the cookie and see what it is / what it represents

@tough fjord can i pm you?

you can but you'll just get the same information dude

look at the cookie and compare it to what it shown on screen when you login. then think about it logically

I am unable to figure out, I am unable to message on that channel but see the messages

Hello, help me please with a question ! What is the name of the network interface that MTU is set to 1500?

ifconfig doesn't help

tun0
eth1
eth0

the answers are not correct

May be some network utitlities help, so keep thinking of how to see them?

@odd python pay attention to yr login name when u log in as guest and the cookie

hello again, i'm still stuck on the 2nd question on hardening tips section on file inclusion module, i can't figure out how to use the curl command to execute a .php file , the section doesn't mention it (or maybe i'm blind)

#welcome its a channel. Read all messages

I can’t get more of this information!

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether d2:c7:2b:68:9e:26 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether d2:43:d0:8e:8a:f0 brd ff:ff:ff:ff:ff:ff
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT group default qlen 100
link/none
6: teredo: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 500
link/none

which section are you dealing with?

Okay, I figured it out. Thanks!

Good stuff dude

@soft geode What module is that?

LINUX FUNDAMENTALS

LINUX FUNDAMENTALS

Are you running it from parrot or the target you ssh into?

i run it from Parrot

I guess I misunderstood the task

Yeah. They are to be ran on the target

how to launch on target?

http://prntscr.com/w4p1ss

you've launched it

ssh to the ip address in that screenshot usingthe credentials also in the screenshot

There is GUI for ssh in parrot. Do some research...!!!

i cant talk in general

and i am so confused

i just randomly clicked servers and here i am help

you need to verify your account to access the full server

read #welcome

On linux fundaments module https://www.inlanefreight.com cant connect to database. https://imgur.com/q0QOlUb.png its ok?

we're working on it

oh ok

hi man

Thanks bro everything worked out!

how can I exploit nginx ?

On Linux fundamentals "Service and process manager" the systemctl command is asking for a password, does any know that one. I tried everything from username to password and even the brackets after the connection is made, nothing😩

try without sudo

hellp me pleasy ! I do not understand the question
Use "systemctl" command to list all units of services and submit the unit name with the description "Load AppArmor profiles" as the answer.
i use command systemctl list-units --type=service
get response apparmor.service loaded active exited AppArmor initialization

what answer does she want from me?

try piping it to grep?

oh I see what you are saying, I don't remember this one

I piped it to grep

It wants the service name

i used command
ps -aux | grep apparmor

response
htb-stu+ 6789 0.0 0.0 13144 1100 pts/0 S+ 19:42 0:00 grep --color=auto apparmor

you listing process instead of services, output could be diff

With systemctl you can check every service

http://prntscr.com/w4wfi8

grep it

please show me example

systemctl | grep description

with grep you can find text or patterns

this command
systemctl | grep description
responce zero reaction

replace "description" with the task requirements

http://prntscr.com/w4wi9u

Do the same grep that your doing with ps -aux

First check what You doing:
you are using ps to list process instead of use systemctl to list services

Then, you are doing grep ok, but You are doing grep to the wrong command

So, systemctl | grep "Your_pattern"

Replace your_pattern with the thing you want to find

Could be a string, a number

In this case You want to find the word apparmor

http://prntscr.com/w4wk3x

Thats it, check what of these services have the description that the task tell to you

You can do it in other way more easy, grep the description of the service that the task tell to you, so you grep "All description here"

Thanks bro everything worked out!

Btw check the order of systemctl, the structure, first you have the service name, then you have the status, and then You probably have the description

Good job 😄 Please delete your last photo to not give the totally answer to other users

😁

Have a great day!

same to you !

Hi, I'm in Linux Fundamentals > Workflow > File Descriptors and Redirections

1. How many files exist on the system that have the ".log" file extension?
   I tried the Following:
   apt list --installed | wc -l

I mean the only thing I can think of doing is to count the number of directories in /usr/bin/. At the moment, I'm trying to think of a way of doing that. And, I'm still not sure of whether or not it's where all packages are stored to begin with. Any tips?

Nvm. I installed tree earlier and forgot about it. Lol

That task is getting to me too! I just can't seem to crack it.

oh

i solved that one

pm me if you need help

apt list --installed returns the number of installed packages. You need to find files in entire system whose names end with .log

How did my name suddenly change to del_ something 👀

the bot auto updates account names to match htb names

you may want to check your account

Hello, still struggling with this npm. Nothing found on web I tried worked but works on what I saw. sudo npm install http.server -g (as port 8080 is by default if not mentionned from what I understood)
Am I close ? Any slap in the back to make me closer ?
thank you

try running it as if 8080 was not done by default

sudo npm install http-server -p 8080

tested this no success

sudo npm install -p 8080 http-server
sudo npm install -g -p 8080 http-server
aswel

imagine it is already installed

Hi, for the linux fundamentals I'm stuck with the question "How many services are listening on the target system on all interfaces? (Not on localhost and IPv4 only)"
I tried htb-student@nixfund:~$ netstat -l | grep -v localhost | grep LISTEN | grep -v tcp6 | wc -l
93
can someone guide me what is not correct in my command please

remove wc -l and look at the list, the questions only want ipv4 only

all not needed filter it away

Thank you

Hello
npm start --host 127.0.0.1 --port 8080
tested this no success

I tested a bunch of them

sudo npm start http-server -p 8080
sudo npm set http-server -p 8080
sudo npm config http-server -p 8080
sudo npm config set http-server -p 8080
sudo npm init http-server -p 8080

It is not FUN for DA MENTAL 😂 🤣

We should be able to buy the answers with cubes 👹 😂

also tested sudo npm start node-http-server -p 8080 and friends no luck there neither

http-server -a localhost -p 8080 The answer is somewhere close

very very close

😁 bro its very easy

Linux Fundamentals > Workflow > Filter Contents
Use cURL from your Pwnbox (not the target machine) to obtain the source code of the "https://www.inlanefreight.com" website and filter all unique paths of that domain. Submit the number of these paths as the answer.

I've tried to grep the output.

I'm assuming you have to redirect the output into a .txt file and then filter from there?

hello again, i'm still stuck on the 2nd question on hardening tips section on file inclusion module, i can't figure out how to use the curl command to execute a .php file , the section doesn't mention it (or maybe i'm blind)

@hollow garden The way it seems to be used, at least in the Linux Fundamentals course is that it takes a url and will return the website source code and allow you to inspect it.

Ex. curl https://www.inlanefreight.com

@rare bolt yes, but how to i execute a .php file with it then ? I mean, thats what i'm supposed to do if i reffer to the hint

@hollow garden Can you copy and paste the question?

Hi, for the linux fundamentals I'm stuck with the question "Determine what user the ProFTPd server is running under. Submit the username as the answer."
I tried htb-student@nixfund:~$ ps -aux | grep ProFTPd
htb-stu+ 6108 0.0 0.0 13144 1040 pts/0 S+ 15:23 0:00 grep --color=auto ProFTPd

But the answer htb-stu+ is incorrect
Can someone guide please

im stuck on the To get the cubes back from this module, answer the following question. What is the difference between the two numbers of the learning progress mentioned above? and the numbers are (1.00)365 = 1.00
(1.01)365 = 37.7

can u guys help he?

@spare turret the answer is in the question itself "difference between the 2 numbers"

thx

@rare bolt "Edit the php.ini file to block system(), then try to execute PHP Code that uses system. Read the /var/log/apache2/error.log file and fill in the blank: system() has been disabled for ________ reasons."

the hint :Place a PHP File in /var/www/html/ which contains a PHP Webshell using SYSTEM(), then use curl to execute the file. Be sure to restart apache after editing the PHP Configuration!"

i put th ans in and it was incorect

can you maybe give me the ans?only this one ttime/

?

Hint: You have to filter something to get the right number - you're close

I don't know. Lol

What is the name of the first section of this module?

😆

look for the title of the module

white color

bigger font

?

i need so much help

you are doing page 3 of introduction to academy right ?

yes

okay

take a look at ur sections

how many sections are there for that module

lemme check

just tell me the numbers, will do

7

or8

okay

so type the first section as your answer

got it ?

yea

im so stupid bro

Hi, for the linux fundamentals I'm stuck with the question "Determine what user the ProFTPd server is running under. Submit the username as the answer."
I tried htb-student@nixfund:~$ ps -aux | grep ProFTPd
htb-stu+ 6108 0.0 0.0 13144 1040 pts/0 S+ 15:23 0:00 grep --color=auto ProFTPd

But the answer htb-stu+ is incorrect
Can someone guide please

Hi this questions: What is the name of the first section of this module?
I know I'm stupid. I am new and today I am experimenting

Someone has already gave out pretty clear hint to your question @tropic field
Just look few messages back

ok

I am reading, but I am not understanding where I have to click to see how many sections there are for that module

Look at the whole page.

Where I have to go? please, I am new and I would like to enter this world

You don't need to go anywhere. It is on that page. 🙂

I'm going crazy where

I can't say more without giving the answer. It is right there. Take some time and read the whole page.

I am not succeeding. I've tried everything, I'm not sure where to go

How many services are listening on the target system on all interfaces? (Not on localhost and IPv4 only)

I've tried so many variations but it seems like all of them are wrong. Could someone give me a hint for this one ?

My last try was with: netstat -nl | awk '{print $6}' | grep LISTEN | wc -l

Have you looked at the output of netstat?

Your current command is gonna be showing stuff on ipv6 and localhost as well

Your filters arent answering the question.

@tropic field Try taking a break for a bit and coming back.

can anyone help me with this I don't understand what they are asking!

Basically you have to log in as the user provided and you have to find a way to escalate to admin

the hint says something about cookies but I dont find anything useful the cookie is just an user cookie

In the section's material there is an example

Have you tried modifying it? And seeing what happens

yes the cookie was base64 encoded so i decoded & changed the name form guest to admin & tried requesting with that

@unborn scaffold let's move this to DMs, so we don't spoiler ppl here

I'm struggling with the next one 😩

sure @pastel narwhal

You can message me directly if you want

the DELETE section ?

Yeah, I think I've uploaded the flag.php correctly. Now I'm stumped lol

I'm curious as well. I don't understand why it says, "try to get admin", but it's already pointing you to the admin directory when logging as guest. Also tried decoding the base64, editing and encoding back to b64 to no avail.

pay attention the page when u login as guest, and match it with the cookie

You're on the right track.

hi

i had a question

will i need to use

kali linux

as soon as i start learning cybersecurity and networking

Can do. I prefer Parrot OS though.

what's the best os out there for ethical hacking and pen tests

Not necessarily no. You can technically work of any Operating System. Some flavor of linux is helpful but not required. Just be ready to do a lot more jumping through hopes as far as tool setup if you opt for Windows for example. Having a VM is sufficient though.

Best is relative. It depends on the opinions and experiences of the person you ask.

i'm currently working with linux

is it enough..??

Thats a matter of personal preference

what do you guys prefer

cuz i'm new to this

my actual speciality is web development

but i've shifted my interests towards cybersecurit

Just try different ones and see what you like working with.

for pentesting Kali your best option. It comes with hundreds of tools preinstalled for pentesting.

I prefer Kali, Parrot is great as well

for pentesting at least

I will give it a try - thanks for the hint

In the Obfuscation section, the decoding question says to send a curl post to serial.php with the decoded flag... but when i add the -d "serial={decoded} I get it to return the encoded message from before... and i not using the -d right?

Turns out i was doing it wrong.

So I've uploaded the php ... anyone got a hint for me?

You should be able to browse to php you uploaded if it was done correctly

I guess I've done it wrong somehow then 😦

Check for a space between cat and /flag

yea there is. Just coming up as a blank page. I've obvs put it in the wrong place.

Try and test by uploading a simple txt file to narrow down where your mistake is.

txt with some txt inside. If your getting a blank page with the php file and not a 404 error then youv uploaded it correctly only the php syntax is wrong

mind if i DM you how I've uploaded it?

yeah no problem

Why the website doesn't load at burp?

To this question: Based on the commands you executed, what is likely to be the operating system flavor of this instance? (case-sensitive). I am in the system where all the specs are written, but I don't understand which one is right

Otherwise, following the instructions, I went to the bash terminal. But when I enter uname -a I don't know what to do anymore. I press enter but it goes to the end

Ive had that before. I just shut all the programs down, refreshed the target and started over.

@tropic field If have the problem yet DM me if u want

okok, ty

hey guys, I am having problems with the Linux / Service and Process Management. The task "Use "systemctl" command to list all units of services and submit the unit name with the description "Load AppArmor profiles" as the answer.". systemctl show the apparmor.service, but neither the "apparmor" nor "apparmor.service" work. Am I missing something? Thanks

Thanks I've didn't saw the correct question but now I understand the mistake I've made - I was now able to solve it with few adjustments. - many Thanks

Hey guys I'm doing the linux fundamental module and I'm struggling with the find exercise.

"What is the name of the config file that has been created after 2020-03-03 and is smaller than 28k but larger than 25k".

I used
"find / -type f -name *.conf -newermt 2020-03-03 -size +25k -size -28k"
and it's not working.

Its not working or it prints out alot of stuff ?

Sorry, it works but it prints a lot of stuff including directories

Have u learnt how to redirect output ?

You mean using either | or ; ?

Redirection like < or >

I see no I haven't, i guess I'll look into it now. I just thought from the example it gave that the find function should filter it to options already set. So to clearly understand is the command that I wrote that prints all those input matches the filter I placed in?

I guess thats later in the page u will learn

Try to play around w grep. Everytime u grep it will highlight the word fr u

Cheers mate! Will do

Use cURL from your Pwnbox (not the target machine) to obtain the source code of the "https://www.inlanefreight.com" website and filter all unique paths of that domain. Submit the number of these paths as the answer.

I'm stuck on this question. I've tried to grep the output based on https://www.inlanefreight.com but I don't see any "unique" paths with number just few js version Numbers like 5.4.4. Can someone explain me please how I can format the output corrently ?

help

q2

Have to keep on filtering till u only see domain path .

guys

whats scorpion 3.0 it s a game???

Hello guys !

I need some help in the web fundamental room

curl https://www.inlanefreight.com | grep https://www.inlanefreight.com | sed 's/.*https://g' - I still only see the Js Versions and not more. Anyway thanks for the hint. I think I have to search until I go crazy..

hello

i need help in file inclusion assessement

Assess the web application and use a variety of techniques to gain remote code execution and find a flag in the / root directory of the file system. Submit the contents of the flag as your answer.

i was able to get the php code for the index page

<?php
if(!isset($_GET['page'])) {
include "main.php";
}
else {
$page = $_GET['page'];
if (strpos($page, "..") !== false) {
include "error.php";
}
else {
include $page . ".php";
}
}
?>

i can see that it is appending .php extension so i tried null byte but didnt work, most likely because it is a new version of php 7.3, I tried to use remote file inclusion, i created a file on my webserver and added it to the link still not working

any help or hint will be greatly appreciated

Hi, I finished the introduction course at the academy. Which module do you recommend to start with?

i want to start learning ethical hacking

any ideas where to start

Hi i am currently doing the file transfer modules and have the following task: Upload the attached file named upload_win.zip to the target using the method of your choice.Once uploaded, RDP to the box, unzip the archive, and run "hasher upload_win.txt" from the command line. Submit the generated hash as your answer.

My question is: How should I upload the zip file to the target? If I download it, it is stored on my Windows host system, but without VPN I cannot upload it to the target...

Go for the Tier 0 modules

I tried connecting via vpn and uploading it via Win Powershell but the server responses with "403 unauthorized"

where are those

Https://academy.hackthebox.eu

did you solved it ?

Soo im stuck at linux fundamentals > system information > what is the path to htb students mail. Could someone help me with this please? I cant find it

Hello all, i am on the WebRequests, and on the Request and Responses part, i have this question " What is the HTTP method used while intercepting the request? (case-sensitive)", i already respond corret to the 2nd question, but i dont know this. Somebody can help me? Thank you all.

Yup.

are you stuck yet? If yes dm me

I've tried --lock, --lock --expiredate

various other options ;p

What module is it_

?

Linux Fundamentals/User Management

Try refreshing the page

And try what you have tried before

bc you have the right answer

Wow, ty lol

I was in the same problem two days ago haha

I am stuck here too, is there any hints with only 2% that won't completely give it away lol

hello, I’m trying to connect to a VM via ssh but when you ask me the password is not accepted

Trim the fat ;p

just copy and paste it to prevent misspelling

Can someone help me with this question? = " What is the name of the network interface that MTU is set to 1500?"

ifconfig?

What should I find in ifconfig?

I found it thanks!

Right on 🙂

Does anyone know of a reason that may ffuf to run painfully slow?

I feel it depends on what u fuzz, or connection or hardware . Something like that .

Fairs

Hm let me see . 1% will be =

After decoding yr cookie without changjng anything, does it look the same with the login message ?

In Linux Fundamentals it mentions "It is highly recommended to set up our virtual machine (VM) locally to experiment with it." Where can I download this VM?

look into virtualbox and a ubuntu vm

Message #modules

Thanks @wispy tree

Hi, Stuck with the CURL question on linux fundamentals. "Use cURL from your Pwnbox (not the target machine) to obtain the source code of the "https://www.inlanefreight.com/" website and filter all unique paths of that domain. Submit the number of these paths as the answer." I tried several ways . Downloaded the file using curl to curl.txt and the last command I tried was - cat curl.txt | grep https://www.inlanefreight.com/ | grep -n href | sort --unique . Can you guide me here please

What is the version of the Apache that the first target web server is running on? (answer format: X.Y.ZZ)

i didn't understand this question

any help ?

Hi guys, I'm replying to this message to point out that -at least for me- the question was not clear;
I've interpreted the "Not on localhost and IPv4 only" as I had to consider all the interfaces (localhost, ipv4 and ipv6), maybe I was interpreting it as "not only on localhost and ipv4" ..idk, probably is my lack of grammar, but have it written as "Not on localhost, IPv4 only" would have been better 😄

hello again, i'm still stuck on the 2nd question on hardening tips section on file inclusion module, i can't figure out how to use the curl command to execute a .php file , the section doesn't mention it (or maybe i'm blind)

Isnt the hardening question about examing what happens when you try to run it? Checking error logs

Rather than actually getting code exec

I'm getting an issue in finding total package installed on the target

I already tried apt , dpkg

To list package installed and saving the result and then using wc -l to find total number

But the answer is different I guess

just google it, found the solution in the first results, but no explanation of the differences from one command to another

Okay thanks I'll try that

Look at the output of the commands

Wc will count all lines

Maybe some of the lines are not relevant to being an installed packagr

@tough fjord yes, but to get an error log i need to exe it right ?

No. Im pretty sure it tells you to sign in so you can see what is happening in the logs when you try to exploit jt

Hello, I'm currently having an issue with the "Linux Fundamentals" module

What is the issue?

@tough fjord well i tried looking at error logs but nothing about system function

In the "System Information" section on the module, I'm unable to ssh into the target server with the provided password.

You need to type this command:

Ssh username@target_ip

and click on enter

Then type yes and then type the password

You will find the username and password and the target ip with the question

Awesome - thank you.

You're welcome

As for the final four questions of that page, are there any other outside resources in particular that I could look up in order to find the answers?

Hey I have a problem

I have to connect to a network using ssh but I can't figure it out

which module?

Linux fundamentals

ssh username@target_ip

ah ok

I'm unable to find the proper command for "What is the path to the htb-student's mail?"

You have to check the question they asking for the mailbox of the user not the general one.

heyyy thanks

it worked

How exactly do you find it? Not looking for answers here, just general guidance in order to further understand what I'm working with

check out all the commands you learned

Am checking, thanks

U got 1 extra character that is not needed

Its all on the same page .

Okay, thanks.

Hello, in the POST method, i have not clear the answer that i have to submit.

anyone can help me?

Linux fundamentals => Filter contents => Use cURL from your Pwnbox (not the target machine) to obtain the source code of the "https://www.inlanefreight.com/" website and filter all unique paths of that domain. Submit the number of these paths as the answer.

hi, i am stuck at this point, i don't get it clear about the unique path, it just take the path or with the filename ? going crazy right now

I'm stuck on this also, but I think you need to grep the number of www.inlanefreight.com incidences in the source code and count them. Not sure tho

Message #modules

already did, but wrong answer lol

same 🙂

should we bruteforce the answer from 1 to 100 ? lol xD

lol thinking about it

lol I just did it 😆

All instances of the domain with dirs. Then only count unique ones

okay, thanks for the clue

hi all, can someone give me a hint on the Linux Fundamentals module?

Need to be a bit more specific

sure, I'm on the File Descriptors and Redirections page, and can't answer the 1st question, "How many files exist on the system that have the ".log" file extension?"

I've ran the command "locate *.log | wc -l", got 24, but the question is not taking that as a answer

Try using find instead

thanks!

So every dir of that html page?

Every url for inlanefreight

hey can any one tell me how to get student discount for HTB if i dont have student email id

I haven't noticed that discount for student exist in HTB, how can I get one?

Also stuck, let me know if ya'll are able to figure out any specifics

Can someone help me understand web requests GET module? im not sure where the flag.php is coming from as it was not mentioned in the section. this is part of the questions at the end.

Pinging you in DM

I got a really easy question - why cant I make this symobl in bash ` ? I need it for the PUT and DELETE Question and can't even make the symbol in vim.

Ive made it. Whats your keyboard layout

Switzerland German - I even changed it

Wdym with every url?

As in you need to count all the unique full url for inlanefrieght

So I need to filter the url with grep

Yes

And remove the other junk

Oh ok

And use wc -l

To count

Once you've got unique ones

Alright

Ty

And for the second question

I used this command:

Ps -au | grep ProFTPd | wc -l

Something wrong with this command?

You need to only count uniques right? That cmd will also count duplicates

So see if you can find a way to sort out the unique ones

What do you mean with unique?

So 1 of each?

it is the same. as the login message.

Unique list would be a list with only one occurrence of each line

Only one occurrence of each domain/path etc

Oh ok

I am now using Cut

But it don't works well

Do you have the exact question from the task?

Cut -d "/" -f1

Yeah this is the question:

Use cURL from your Pwnbox to obtain the source code of the "https://www.inlanefreight.com" website and filter all unique paths of that domain.

Submit the number of these paths as the answer

Alright, and what do you have so far

I have found the paths with grep

Like grep https://www.inlanefreight.com

But there are other things

So i need to cut but idk how cut works

I guess

Hello ! On the File inclusion module, trying to do the final test ! This is my first time going by myself, so I don't really know where to start. Do I need to try every single technique that is shown on the module and hope that it'll work ? Or is it better to try to get more infos on the machine ? And if yes how ?

Lets say you have a line which looks like this
field1;field2;field3
You pipe to cut, set the delimitor to be semicolon with -d ";" and say you want to get field 2, you set it as -f 2

Yeah

So it would be cut -d ";" -f2
Thats how it works in simple terms

But how with urlsl

Url

Like href="https:// ....

I can't find any semicolon

anyone got an Idea why I can't upload with curl -T flag.php

Semicolon was just a general cut example. I solved mine using regex, but there's definitely ways of solving it simpler for non-regex'ers. Trying to think something out

I tried

With this:

Cut -d "." -f2

Is flag.php in your current directory?

Because url have dots

I got a list with url

I added wc -l

But answer is wrong

The task is asking for unique URL's

So see if you can sort out the duplicates

Oh

I will count

😂

No you wont

Oj

Oh

You will find the correct cmd :)))

Ok i will tey

Try

it's just one pipe, you can do it

Alright

1 tip

Is it wit cut?

Or other command?

Negative

You want to sort them unique

Oh ok

I will rey5

Try

You can do it

I think I found a problem - just have to reset the whole machine I will give you a feedback (yes it is in the current directory)

Gotcha. I don't see a reason for cUrl to not work as the --upload-file/-T flag is using PUT

I was able to get it figured out. Thanks.

@wet swallow the aim of the exercise is to get you used to being able to extract that type of info from a file.

Oh ok

I will try everything

As you may need to do this next time and use those urls to scan something

Oh ok

Sorry

Its worth the struggle now. As you will benefit in the future

Yeah your right👍

Lots of pentesting is taking large amounts of data. Quickly pulling out what you need and then using that in another tool / scan. The quicker you can do those things the more effective you become

Oh thank you for this👍

now I know

npm question done

Can anyone please help me?

How and where do I spot a non-standard directory

And what is it? I can't find any useful information on it online

If someone actually replies please @me

Please

Whats the context @hoary quest

Non-standard as a non-system generated directory?

I'm on the fundamental modules on operating systems, I'm new to this, I'm not sure. I can send the question if that helps?

"Find the non-standard directory in the C drive. Submit the contents of the flag file saved in this directory."

I've been stuck on it for hours

Okay. I haven't done the Windows fundamentals module myself, but I guess you may need to enumerate the directories in a way. I.e. figure out whats supposed to be there and whatnot. Manual enumeration is a thing (crawling through directories yourself), or scripts.

So unfortunately I can't nudge you in the right direction here, not having done it myself. But now that there's more info here, I'm sure someone will come up with something soon

Thanks for the help, can you explain roughly what a non-standard directory is? There is a lot to look through lol

If I have to guess, something not added by Windows itself

Something user-generated

It's just a small section of a fundamental module, so it's probably not deep (if this is the way of solving it). Once you know how the Windows structure is, it's easier to spot abnormalities. Good luck, I'm hitting the hay now

Thank you for the help :)

I need help

Which option needs to be set to execute a command as a different user using the "su" command?

It's sudo afaik

from linux fundamentals

i'm stuck at here

Guys I am stuck

Idk I looked for hours and tried possibly everything but still dint get the mail directory for htb-student

I am talking about the Linux fundamental module

Pls I need help

try every single command on the workstation

good morning! is anyone around with the patience to explain a couple of things for the Buffer overflow module?

hlw

Can you help me a bit ??

i can try

pm me

@gray ginkgo pm me, haven't looked at the module but I may be able to help.

Can somebody elaborate on what I'm supposed to do within the Web Requests POST Module?

The goal seems to be to log in to guest to get the admin token.

@civic marsh the goal is to elevate your self to admin and get the flag

@wraith walrus have you googled it? And if so what did you google.

Thank you, I'll try again in the morning @summer silo

While I have you though, is this something that can be done using only Burp? @summer silo

I did it using burp

Not sure if its there are other methods tbh

so do you mean this is the only way to get to the next page? been having the same problem here

I did it yesterday, you should check the hint, it’s easier than you think

I'm also stuck on the POST question, I guess getting to something like "Admin panel...Welcome,<username>" is not enough? I guess the cookie is supposed to be printed on this page?

nvm, got it, it's simpler that one originally thinks

Hey guys, can anyone help me please, I'm lostin section Linux Fundamentals. I've tried a lot's of commands I can't figure out... how you connect to ssh server? do you use FTP? FTP 10.10.10.2 21 ? or are you using another method, I've tried through smbclient and I can't succeed. msfconsole doesn't allow me to connect to the server,please give me a hint how do you connect with the machine, I'm already stuck for couple of days . I'm mentioning i'm using HTB machine from linux fundamentals

It's ssh name@ip

You are already provided with username and password@tiny karma

so, basically, I don't need to connect to FTP? right? I'm a bit lost, I was diving through many websites and lots of information. I think I've lost my path and I get confused. Thank you for your answer. I will try to find out how to get to the solution.

thanks a lot , I finally get in in the right way.. all this time I was trying to connect through FTP, I'm so silly 🙄

That's okay that's how we learn 🙃

From mistake, you right. Appreciate

Okay so I think I've made progress. I've made it to the ||admin's admin panel and can see its user name||. I didn't realize the ||sequence after the guest's name was a cookie. My programming backfround made me think it was just a unique ID denoting the user.||

Now still a bit stuck. Trying to figure out what the question is expecting as the answer.

@civic marsh so your background knowledge was right about it being a unique ID to seperate the multiple guest accounts

Okay, so I see what you mean. I'm not so sure I've access the admin panel or multiple guest panels. Looks like I'm getting "Welcome, ???" where ??? is 3 different garbled strings.

I must be missing something 😂

And the string seems to infinitely change based on the auth cookie.

play with the cookie, decode / modify / encode / submit. Try things out and see what happens

Okay so thank you for the hint. I got it. I wans't aware of the decoding tool within Burp nor did I even think to do that

Not a cyber security guy I guess

Hello guys, I'm new to HTB academy :)
Can I get some help please. I'm really stuck and confused about RFI section

@tough fjord Sorry to disturb, just can't get the POST thing out of my head. This seems to be an example of bad security. I would imagine that's why it's in the beginner / tutorial modules. Would another example of this (perhaps even higher security) be account encryption? So instead of encoding / decoding we'd have to decrypt a password?

yeah this is just an example of a really really bad way of using a cookie for continuing authentication

Gotcha, thank you

Is any issue with the first question of the JavaScript Deobfuscation module known? Pretty sure i've got the flag, but it isn't accepted :/

Okay, forget it. Seems to be a layer 8 problem. Flag was accepted now.

hey guys, can anyone help me at least just a hint about Linux Fundamentals adduser or useradd," Which option needs to be set to create a home directory for a new user using "useradd" command?" I've tried both with Sudo , I actually creat user I give root privilege in visudo, but nothing works.it is an entire phrase or just a letter? adduser -d ... thank you 🙂

check you PMs

Hello guys, I'm really new to this. Can anybody give me a hint regarding the remote file inclusion. I started the http server but I can't see any requests. allow_url_include is also set to on.
I get this: "Warning: include(http://localhost:8080/file): failed to open stream: Cannot assign requested address in /var/www/html/index.php on line 47"
Thanks for your help 🙂

I'm struggling in finding the htb-student mail, can someone nudge me in the right direction?

wait

I might have found it

@dusty atlas look around, check your surroundings, the environment is your friend

thanks. I thought I found it but I was wrong

nevermind. lol I was typing it wrong

I finished almost Linux fundamentals but one thing I couldn't solve

finding path to mail

I tried

/var/mail

/var/spool/mail

But still not working

I'm doing that right now and I have the same problem

@dusty atlas @rain pasture @ivory viper try checking ur environment

Thanks. That worked

I was able to figure it out. Thank you.

good job !

facing issues in running the python scirpts like impacket, GetNpn users etc.
get an error that module not found. But when try to install the package or module it says requirmmet already satisfied.
Any help ?

https://cdn.discordapp.com/attachments/425588397516521484/790870454188900372/unknown.png

Im stuck at the question what the kernel version is on the system. I tried everything but my answer keeps incorrect and i dont know what to do any more. I tried it with the command like cat /proc/version , but also uname -a or uname --kernel-version but all the answer i give with the info i get from the parrot terminal or wrong can someone give me a hint?

have you ssh into the target and ran the commands there?

otherwise the answers will always be wrong as the web vm instance isn't the target

ssh?(Secure Shell?), I dont know exactly what you mean with in ssh into the target, sorry

right next to the questions there is a link that says something like click here to launch target instance

that will then turn into an IP

you then need to use SSH to login to that target using the credentials provided

and that is what you are meant to get the answers from

and the ip i just need to enter in firefox?, sorry really a noob here

no, you need to use ssh to login

ssh username@ip

then it will ask for a password and you give the password it says

oke now i get it thank you

@tough fjord Really thanks i didn't get there without your help

yo guys, why can't i see the htb:serious discussions

because you are not verified?

verified as what

like an administrator

or a moderator

read #welcome

it has full details

Hello ! On the File inclusion module, trying to do the final test ! This is my first time going by myself, so I don't really know where to start. Do I need to try every single technique that is shown on the module and hope that it'll work ? Or is it better to try to get more infos on the machine ? And if yes how ?

#774040485748539423 message

refer to this message

it ask for file name

it doesnt want the path too

thank you ! 🙂

hey I was wondering if someone could give me a push in the correct direction with this one

assuming I need a role for attachements so I'll just copy the question

Login with the credentials guest / guest and try to get to admin. so I navigate to this site and capture the requests and responses with burp , it shows you an Auth token for the guest user

and you need to get into admin but CSRF would require me to know the admins Auth token

so I'm kinda confused

You resolve this?

Yo. Resolve this?

@sonic osprey you are overthinking. There is no need for CSRF.

Yo. Im working through linux fundamentals and am stuck trying to find a path for this problem, "What is the path to the htb-student's mail?" I don't understand why the path wouldn't be /var/mail

Thats a generic path to mail for all accounts

Check your environment

Nope was working the whole day I'll see tmmr morning, btw what shld I check only env values?? Or is there something else

You must to check your environtment, then you must to give the path to the htb-student mailbox

Hi, In Hacking WordPress => Directory indexing, I searched in the directories wp-content, wp-uploads, wp-admin, but I can't find the flag.txt file. I wrote something like this: curl -s -X GET target:port/wp-uploads/ | grep "flag.txt"

I also searched in the sources in the web browser console but I can't find this file flag.txt

try just using target:port/

Web Request, what is expecting here?

To find a way and escalate to an admin account

I think I get it, but I must to find what?

Am I not getting yet?

Welcome, guest_blalala, so I guess you haven't

ohg ok

@nova moss use base64 to understand the cookie ...

I am also stuck on this and have no clue how to get to admin from guest.

if someone could dm me or just @ me or something that would be helpful, thanks, I have used base64 to decrypt the guest auth cookie, but I cannot find anything admin related

Please read the material again

the material contain all the necessary steps

guys can someone help me on installing a vpn called wireguard on kali linux

becuse the steps are hard and i cant understand them

This is not the place suitable for this kind of questions.

then where is the suitable place

like which server..?

More like channel, verify your profile and try asking in #general

Hello, I'v been working on the Web request post Method section, and I have googled it, read through the material, read through this chat log, used burp to decode the cookies from base64 and resend but I am still missing something. I'd really like to figure this out so I can move on.

Never mind, as if by magic, me finally posted this caused me to understand and get the flag.....

For php , type php -h and pass the flag with port

I did the php

That npm one I cant seem to figure out

Hacking WordPress => Directory Indexing => I can't find the file with curl... something like curl -s -X GET target:port/mydirectory/ | grep ? or find ?

thanks finally figured it out

How? :c

stuck with npm too

What you tried so far @split sequoia ?

It’s alright i found the answer, but the hint are opposing

Can someone give me the Apache version of the „Request and response“ task because it’s not working. Can please someone check this

Have you spawned the target

Guys which option needs to be set to exec a command as a different user using the su command

I'm having an issue with Linux Fundemental at Service and Process management section this is the task "Use "systemctl" command to list all units of services and submit the unit name with the description "Load AppArmor profiles" as the answer"

1. I made sure I'm connected via ssh and check for systemctl services like this "systemctl list-units --type=service

2. Command above pop with apparmor.service beneath UNIT and the description of the service is AppArmor Initiliazation. I copied and pasted this severally to the task answer box however, it keep coming back incorrect.

3. After gathering up some solutitons others have tried using this command systemctl | grep apparmor this output apparmor service with a description of AppArmor Initiliazation and another snapd.apparmor.service --------- loaded active exited Load AppArmor profiles managed internally by snapd

4. I copied and pasted the Load Apparmor Profiles managed internally by snapd description into the answer box and this didn't yield the desire answer again.

I need help with this task, please DM me with your help tips. Thank you in advance for taking your time to help a noob here. One Love!

hello, about file inclusion, i don't really understand when do i need to use php wrappers, any help ?

hello

hello everyone

Be more elaborate and maybe I can help. What's the module you're talking about and what section?

I'm not in that module, but I have the logic in my mind

@pearl birch I am stuck on the same task.

how can i help you?

I don't understand the nature of the question. "Use "systemctl" command to list all units of services and submit the unit name with the description "Load AppArmor profiles" as the answer." I can follow until it asks to '...submit the x'. For reference, I have been able to run execute the systemctl and find the apparmor.services row.

as far as i remember after getting the services try to grep for apparmor and you will get the unit name

Thanks

Great... That was what worked for me as well.

OH MY GOD I FINALLY DID THE GUEST/GUEST THING

I AM SO STUPID

if anyone needs help dm me

its simple as hell

Hey guys, can anyone give me please a hint regarding the
Skills Assessment - File Inclusion/Directory Traversal. I've tried everything from the course but nothing seems to work. Thank you in advance ^_^

Wenn installing git should i log in on the system also??

@inland sparrow i don't think so

@wooden wyvern you right i just did something wrong

https://image.europafm.com/clipping/cmsimages02/2020/04/24/884182AA-7611-44B4-99CE-ADCCC08ACD76/69.jpg

In Linux fundamental - User management I try to sudo cat /etc/shadow into htb-student and it says itsn't one of the sudoers file. Was that suppose to happen ?

you need to have sudo privileges to use sudo. If you do a "sudo -l" it will show you what you can and cannot sudo

Sudo=Super User do

thx

Hello, How were you able to solve this issue

How did you resolve this, I got the decoded messgae but get error of wrong answer

what does the message " sorry, user htb-student may not run sudo on nixfund " mean ?

sudo -l

I'm trying to install OpenSSH. Im using the command sudo apt-get install openssh-server. But i need to insert a password. What am i doing wrong?

In local machine you are trying or in ssh

in ssh

Try in local

In which tutorial you are in

in linux fundamentals

What is the task

Sounds like that will be in the Service and Process Mgmt

yes

Are you trying to install it on a local Linux VM or the Pwnbox provided by HTB?

the one provide by htb

do i need to do it on a local linux vm

no

Check it might already be installed.

run the 'systemctl [start|status] ssh' command

Htb machine is not a sudoer

Pwnend machine

the status is active

so I guess you can skip installing it then.
I wasn't sure if I needed to install it myself.

What are you installing

ssh server

I think it was already installed on pwnbox

so you can skip that step in that section

Meanwhile, I have problems of my own :-).
Under Linux fundamentals -> Filter Contents,
I am having difficulty pinpointing the expected answer for - "the number of services listening on the target system on all interfaces?"

I have ran "netstat -ln" for all listening services, and filtered for only tcp/udp (no joy), and also included unx stream (still no joy)

I am not on that module yet but maybe you can use Nmap scan from your local machine

yea I thought about that, but I am on the target machine itself an can list all listening ports. I have to give a number for the answer, and I'm afraid that even if I missed gave a number -+ the answer it will be wrong.

Sorry then bro

Thanks @Mr. Venom. It's seems we are all pretty close in the areas we are working on so we should be able to bounce off each other.
Thanks again though

@frigid monolith @rustic sage thanks I'm a task further maybe I can catch up with yall and help yall out were i can

Cool. let me know when you get to 'Filter Content'

can you tell me how can i find index number of sudoers file

@rustic sage ls -li sudoers if im correct

thnx bro

Im trying to find a config file that is larger dan 25k but smaller then 28. Only i dont get no file that has that kind of data? where do i go wrong?

i use the command :
find / -type f -name *.config -user root -size -28k -newermt 2020-03-03 -exec ls -al {} ; 2>/dev/null

@inland sparrow you can actually specify two -size options within the find command, such that one will be files above a certain size and the other will be for not more than that size, that way you can limit number of files that show in the output of the command

@frigid monolith thanks

just play around by chaning the cookie to the value desired, re encode it and send it forward. You will see the flag on the welcome page when it works

@frigid monolith you can try

Thanks @rustic sage I just tried that but still no joy.

Are you on that section now?

not yet

send me the pwned ip

i will find the answer

I can wait really. that will take away from your time. Don't worry, just let me know when you get there, no rush.

I'm still searching myself.

actually i need your help in previous sec

oh what section is that?

file decriptor

oh right. which of the questions?

both

actually i tried command both on my local and target machine but the result was wrong

So for the first one, use the 'find' command, but take out all the -user -size and all that and then pipe it into 'wc -l'

I think that should be useful

im almost there @rustic sage, i just dont understand what they mean with submit the full path of the xxd binary

the full path of the xxd command on cli

how do u get the full path of a command?

i dont know

this is the question:
Submit the full path of the "xxd" binary.

the binary is the actual command that we run on cli. so remember one of the sections talked about how to get the path of that command

😅

no got it

i go to bed

im just tired guys

hahahaha, yes tiredness never helps.

@rustic sage By the way make sure to redirect errors (fd 2) to /dev/null before piping to 'wc -l'

Just like the sample find command in that section.

like this find -name .log 2>/dev/null | wc -l but i am getting wrong answer

you should list the files that you find first, so that you can count them, and remember to tell find where to start the search from, in this case it is the root directory /

so add the exec option:
-exec ls -al {} \; 2>/dev/null | wc -l

still getting 0

oh just noticed, please make sure you are using:

-name *.log

don't omit the asterix

still wrong answer can you tell me which command you have typed

Not sure I can do that here :), but you can DM and we can work through it.

hi

my xrdp segfaults when i try to paste the clipboard into the win vm. any tipps ? Thanks

How can I find one of the non-standard update services running on the host ? For the Windows Fundamentals Module

guys

i have a question how i can find an apache ver in burb suite ?

burp *

server header

hi everyone, i'm wrapping my head around the POST moethod in the Web Requests module. there is anyone able to give some hints?

I decoded the guest cookie, and I changed the first part to "admin". encoded and sent to the page. Now the page tells me "Welcome, admin_blablabla", but it's not the solution... Any suggestions?

You're on the right track. What else can you change the cookie to?

Hey there! I tried to identify the second part of the cookie, thinking "maybe this is some kind of hash", but nothing... Usually, i expect the cookie to be some kind of session identifier, and in the real world, I'll try to steal some admin sessionID, to resend to the app. right now, i'm out of ideas! 😄

I dont get the answer right on (1.00)365 = 1.00
(1.01)365 = 37.7 because of the language issues.. Im From Northpole.
In the Learning Process box..I don-t get it what is mentioned with that

What is the difference between the two numbers of the learning progress mentioned above?

check the hint

I did.. 36.6

then check your math

Just dont get it..

37.7 - 1.00 = ?

36.6

no

36.7

Sorry.. now i go and run againt the wall with a laugh 😆

Have a Nice Holidays ya all..

with the command dpkg -l | wc -l i get all packages installed i thought. But thats not the correct way can somebody give me a hint. The question is:
How many total packages are installed on the target system?

@rustic sage thanks

Hi question to win fundamentals how do i find the correct non.standart app who is running as the htb-student user ? I tried ctfmon.exe and NordPN.exe but they are not the correct ones Any nuges ? Thanks

😩

How many total packages are installed on the target system? Can someone give me a hint?

If htb-student isn't in the sudoers file what difference would make obtaining sudo's passwd ?

Can anyone give me a hint on the Linux Fundamentals - Filter Unique Domain Paths question. I know how to filter down the list but it will not accept my answer, wonder if I'm miss understanding the objective...

is there anyone awake ?

@patent blaze Sudo does not have a password only the user. If the user is not in the sudoers file but is in diffrent groups than your current user than this can help as you can then execute stuff as the new user with the new group and this may provide you with a way to privesc

@patent blaze also some kernels can be exploited, even if it is discuraged from hbt but it ist still possible

@delicate mica this exersice is very poorly worded and i did not knwo what they wanted from me either. Do they just want the urls oder the whole lines with the urls this is not clear. You will find some of the questions are like this - in the end i just brute forced my way trough that

@inland sparrow use google to find the correct command and then use less to see that you should not count the lines automaticly

thank you so much

So I don't have to get access? Just get the right command line ?

@inland sparrow

@patent blaze what is you specific question ?

sorry

I misunderstood the messages here

@rustic sage @patent blaze thanks i got the solution tho

no worries - what question do you have or did it clear up ?

so so. I'll keep on trying get over the user management part

what module and what section ?

what is not clear ?

linux fundamentals - user management

ok found it

In the ffuf module, RE: adding admin.academy.htb to the hosts file - do you add both academy.htb and admin.academy.htb with the same IP? Do you only add one of them? I'm struggling with the syntax of running a recursive scan on admin.academy.htb and I can't figure out why. Are we ever meant to be writing the domain name once it's been added to the hosts file or only using the target IP?

I've got two questions that I know I have the correct answer for but keep getting an incorrect response. I've got screenshots but don't want to post answers directly in the chat.

@patent blaze what is not clear to you ? What part ?

@obtuse magnet shoot me a DM 🙂

The one I'm in now is Javascript Deobfuscation and the question is in the info.

Will do

Since I do not know all the linux commands, I was searching through the web how I could get around it, and after running :

groups cry0l1t3

is returns :

cry0l1t3 : cry0l1t3 sudo

Based on my knowledge I presume that its telling that this account it belongs to sudo's group somehow.

I also tried to change htb-student and the other accounts with usermod but all those commands require sudo privileges.

When I try to :

useradd --create-home htb-student

it returns:

already exists. I get that answer when I change for mrb3n as well.

If I try to do that with cry0l1t3 it says "permission denied"

@patent blaze ok with groups <username> you get the group this user belongs to. if you use groups without any uder behind, then you get your groups wich are not in sudo as i would guess. why do you want to change the users ? just to experiement ? it is not required to finish the module and it will not work as htb has to preserve a clean envirement...

well, I wanted to change the user 'cause i thought that maybe I could then perform a useradd and then discover the right answer for the exercise, but it seems that this is not required, right ?

BTW, does this exercise need to be done inside htb-student ?

@patent blaze u dont have to change anything . the question ask "which option" needs to blah3

u just have to give them the option that can be found in the man page

I have a question for Windows Fundamental

question about finding non windows thingy or ? 😆

yes

like non standard update service

what's that

i wish i could recall

its hard for me too for that question

i use grep but in powershell way

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/select-string?view=powershell-7.1

u can refer here if u want

how did u think like that ?

in section Windows service&processes

it can stop this service and not affect to windows

help us to delete this later

ok

thank you

it's wrong answer

question didnt ask for displayname

it ask for the name of the service executable

like exe?

mhm

Hi, I'm bit stucked in the Web Request module, in the POST method, could you give me a hint?

hint says cookies

pay attention to the cookies

I'm doing

But I only see the cookie for the guest

mhm thats the clue

compare it with " welcome , blahblahblah " when u log in

Well, what resources can I see? I have like two days trying

I login as guest and the cookie is guest_blabal

mhm

But I don't know how the admin cookie looks like

#modules message

tbh, i feel this is a good advice , well said too

I don't get the method yet, I understand what he saying but I don't how to apply it

have u tried meddling with the cookies ?

What you mean with meddling? Get the cookie?

u know maybe like tamper the information of the cookie or something

I think I tried but I'm gonna do it again

I still confuse

hahaa

Well I don't get it

it's not found on instruction?

If it is I don't get it XD

I've tried many things but I don't know what to do

I tried

I don't get anything with it

Maybe we're just need to understand the common theory first

mhm

I think I understood it

I'm not brooo

@timid grove Get-Service | ? {$_.Status -eq "Running"} |fl

I don't know what to do haha I have tried lot of things and stucked two days or three

Windows

?

Yeah for Windows Fundamental

i got it!!

nice! I'm stucked yet XD

Hello I am currently stuck at WebRequest GET. Where do I find the values of num1 and num2 in the question?

you must set the values

Would any value work?

Any values that added results in 1337

Oh ok , I think I messed up in typing the parameters. Thanks for the help!

i think we should learning with the same module

may haha

then we can discuss

That is a good idea

Got it

i currently stuck at web request POST method as well

glad i am not the only one

LOL

Thanks a lot!!

no worries man @empty zenith

hi guys im stuck at the web fundaments with the post method. I manged to change the thing and now im in the admin pannel but there is no flag... Where is the flag ? Thanks

guys, how long would it take to become an ethical hacker, like a semi-professional hacker

@rustic sage depens on to much factors, did you work in it before ? how fast can you grab concepts ? do you have any certs in the fild yet ? how much time can you invest etc. however i would say for someone who works in it maybe 2 years to get to OSCP and this is basicly the starting point of being one. To semi pro maybe another 3-5 years there is a liot to learn its like a bacherlors degree volume of stuff so....

lets say if i put basically an hour everyday in studying the theory parts of it and also applying it

for like 6-7 months

and i'm still a high school student in grade 12

Then study it with focus on security

Wdym by semi-professional?

as in like working in-industry?

Cant get the Maschine name with uname.. tried all the possibilities. With Linux fundamentals. Some help?

uname -a and uname -m

What is meant with this question.

I don't think it is enough, still, it depends on your comprehension ability.

maybe what you are looking for is machine "hardware" name.
I was there too, did some browsing to understand the question.

Im looking all the videos etc. and have only Headache.. 🤮

i need help with "How many files exist on the system that have the ".log" file extension?"
ive tried find . -name *.log 2>/dev/null | wc -l
any hints?

The connections of the HTB Viewer is kinda Laggy.

yeah i know, tipp use remina for the rdp windows connections xrdp is kinda buggy

ok im in the local file inclusion section and im wondering: How do i know how many ../ i need to get to / and then down again, this depends on the used technologoy and the sub folders of that tec wich determines where my file is located correct ? So i would have to guess it all the time right ?

i am on the linux fundamentals module i am stuck on this question:

What is the path to the htb-student's mail?
i mean i don't understand the question
can anyone help me a little?

It is asking that the mail will be saved for htb student in which folder

Cant understand the question> Send a GET request to flag.php with two parameters num1 and num2 such that their sum is 1337.

Use cheat sheet to find the main command then change parameters as asked

Don't put the parameters '=1337'

@rustic sage can I dm you ?

I am currently doing JavaScript Deobfuscation, Source Code. I got something like a flag, but it is not accepting it, can someone give me a nudge?

bash right?

but it says wrong *triggered

@drifting iron try to read the whole html code in end of script section you will find the HTB(flag) the whole HTB() is the answer

@rustic sage it should be complete i.e. /bin/shell type

Where the shell information is stored

Thanks! @rustic sage Did a lot of something else instead of that. :D

omg@rustic sage

thx

I'm stuck yet, are you?

I have found the answer.
Try to check out my previous chat. I have reply to helpful clue

It didn't help to me 😦

Where are you stuck on POST? 🙂

I am stuck at PUT and DELETE method

Just slide into my dm's again 🙂

and I'll take a looksie

Alright

👍

I'm stuck on the post module

Where are you having trouble with it?

Well, I don't know what to do, I tried sending json, parameters, deleting cookies, changing username of cookie, but didn't work

Have you tried decoding the cookie?

The hint says cookie

yah

🍪

😂

Nvm, you said you have changed username of the cookie. Can you send me what you changed your cookie to in DM? Just so we dont spoil it completely for others

Hi, for linux fundamental, I have to connect to an rdp but it doesn't seems to work, am I doing something wrong? https://prnt.sc/w9vdke