Compare commits
14 Commits
Author | SHA1 | Date |
---|---|---|
s00ner | 912ebccd80 | |
s00ner | 194b12c4d4 | |
s00ner | eacd33b31a | |
s00ner | 4d0716d0d7 | |
s00ner | 57bf66bc00 | |
s00ner | 1dbb06ea50 | |
s00ner | 3e1164e684 | |
s00ner | ca00ce1a79 | |
s00ner | 6c7123a590 | |
s00ner | 482a9b6316 | |
s00ner | aaa9579d3e | |
s00ner | 3017d53e21 | |
s00ner | 3ebe6f36fb | |
s00ner | 325a4fcd2b |
11
SUMMARY.md
11
SUMMARY.md
|
@ -3,6 +3,15 @@
|
||||||
[Welcome](./welcome.md)
|
[Welcome](./welcome.md)
|
||||||
|
|
||||||
# Getting Started
|
# Getting Started
|
||||||
|
|
||||||
- [Create an Account](getting_started/create_account.md)
|
- [Create an Account](getting_started/create_account.md)
|
||||||
- [Set Up a Hacking Machine](getting_started/machine_setup.md)
|
- [Set Up a Hacking Machine](getting_started/machine_setup.md)
|
||||||
- [Start Hacking](getting_started/start_hacking.md)
|
- [Start Hacking](getting_started/start_hacking.md)
|
||||||
|
|
||||||
|
# Hack the Box Techniques and Tools
|
||||||
|
|
||||||
|
- [Add the Box to Your Hosts File](techniques_and_tools/hosts_file.md)
|
||||||
|
----------
|
||||||
|
|
||||||
|
[How to Contribute](contribute/how_to.md)
|
||||||
|
[Contributors](contribute/contributors.md)
|
|
@ -0,0 +1,7 @@
|
||||||
|
# Contributors
|
||||||
|
|
||||||
|
Here is a list of the contributors to this knowledgebase. Thanks everyone!
|
||||||
|
|
||||||
|
* [s00ner](https://twitter.com/Jeffers0n)
|
||||||
|
|
||||||
|
If you've made a contribution to this site please add yourself here.
|
|
@ -0,0 +1,48 @@
|
||||||
|
# How to Contribute
|
||||||
|
|
||||||
|
Have something to add to this site? Here's how.
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
|
||||||
|
This knowledgebase is a static site built with [mdbook](https://rust-lang.github.io/mdBook/index.html) and hosted by s00ner. The source code is hosted on s00ner's Gitea server at <https://git.doublehack.me/s00ner/Baltimore-hackthebox-knowledgebase>. If you'd like to contribute you should be familiar with [Git](https://training.github.com/downloads/github-git-cheat-sheet/) and [Markdown](https://rust-lang.github.io/mdBook/format/markdown.html) which are both relatively easy to learn. You do not need to worry about html or javascript since that is created by mdbook. If you browse the source files in the repository alongside the website it will become apparent how the markdown files are translated into html.
|
||||||
|
|
||||||
|
## Details
|
||||||
|
This is how you can get set up to start making changes and adding new pages.
|
||||||
|
|
||||||
|
### TL;DR
|
||||||
|
Here's the quick version:
|
||||||
|
1. Ask s00ner for an account on the [Gitea sever](https://git.doublehack.me).
|
||||||
|
2. Fork the [repository](https://git.doublehack.me/s00ner/Baltimore-hackthebox-knowledgebase).
|
||||||
|
3. Make your changes into your forked repository, commit them, push to the server.
|
||||||
|
4. Submit a pull request to merge you changes into the upstream repository.
|
||||||
|
|
||||||
|
### Request a Gitea Account
|
||||||
|
The [Gitea sever](https://git.doublehack.me) has new user registration turned off to prevent random people on the internet from creating accounts. Send s00ner a message on Discord with your desired username and your email address and I'll create an account for you.
|
||||||
|
|
||||||
|
#### Optional - SSH Key Setup
|
||||||
|
If you'd like to use SSH to access your repository you can upload your public key to the Gitea server. Navigate to <https://git.doublehack.me/user/settings/keys> and add your public key to your profile. You can use `ssh-keygen` to create a new keypair. Please remember to keep your private key private and protected.
|
||||||
|
|
||||||
|
### Fork the Repository
|
||||||
|
Head over to <https://git.doublehack.me/s00ner/Baltimore-hackthebox-knowledgebase> and click the "Fork" button near the top-right of the page. This will create a copy of the repository under your account where you can make changes.
|
||||||
|
|
||||||
|
### Making Changes
|
||||||
|
Let's create some content!
|
||||||
|
|
||||||
|
#### The Easy Way
|
||||||
|
You can directly edit and create files using the Gitea web UI. Navigate to the file you'd like to edit and click the pencil icon. This will open the editor where you can modify the markdown files. Once you've finished, scroll down to the "Commit Changes" section at the bottom of the page. Add a commit message that describes what you did and then click "Commit Changes". If you're creating a new page just click the "New File" button in the directory you want your page to live and follow the same process as editing a page.
|
||||||
|
|
||||||
|
#### The Slightly Less Easy Way (But it's Still Pretty Easy)
|
||||||
|
If you're already familiar with Git and text editing you can follow the typical Git workflow. Once you've created your fork, do a `git clone` to download the repository locally. Make the changes you'd like to make using your favorite text editor and use `git add [file]` to stage your changes and then `git commit -m "[Describe what you did]"` to commit them. Once you're all done do a `git push` to send your commits to the server.
|
||||||
|
|
||||||
|
### The Pull Request
|
||||||
|
You're all done creating your content and you're ready for your changes to make their way to the site. Go ahead and navigate back to the primary repository at <https://git.doublehack.me/s00ner/Baltimore-hackthebox-knowledgebase> and click on the "New Pull Request" button. For this request the left dropdown box should read "merge into: s00ner:main" and the right one should read "merge from: [your username]:main". This page will show a diff of your proposed changes. If everything looks good, click the "New Pull Request" button and give your request a title and a description, then click "Create Pull Request". That's all you have to do. Sit tight and s00ner will review the request and if everything looks good your request will be accepted and the site will update to reflect you changes. If s00ner is taking too long to review your request please message him on Discord.
|
||||||
|
|
||||||
|
## Helpful Tips
|
||||||
|
|
||||||
|
Some general stuff to help you out.
|
||||||
|
|
||||||
|
- You might have noticed a file `Jenkinsfile` in the repo. Please do not modify this. Any pull requests with changes to this file will be rejected.
|
||||||
|
- If you have created a new page, make sure to update `SUMMARY.md` to link to your page so it will show up in the sidebar.
|
||||||
|
- Keep your personal fork up to date. As time passes and changes get made to the upstream repo you working fork will fall behind. You can resync it with upstream by using a Pull Request in the web UI or on the command line following [this guide](https://www.freecodecamp.org/news/how-to-sync-your-fork-with-the-original-git-repository/).
|
||||||
|
- Remember to spell check. Most text editors don't have any spell checking by default so remember to use a spell checking plugin or run an external spell checker.
|
||||||
|
- If you've made a contribution to the site, add yourself to the [Contributors](contribute/contributors.md) page.
|
|
@ -6,7 +6,7 @@ Back in the day you had to hack your way into creating a Hack the Box account bu
|
||||||
2. Pick a username, enter your email address, set a password, and click "Register"
|
2. Pick a username, enter your email address, set a password, and click "Register"
|
||||||
3. Hack the Box will email you a verification link. Open the email and click "Verify Your Email"
|
3. Hack the Box will email you a verification link. Open the email and click "Verify Your Email"
|
||||||
|
|
||||||
That's all, you now have a Hack the Box account and can start on the labs.
|
That's all. You now have a Hack the Box account and can start on the labs.
|
||||||
|
|
||||||
## Optional
|
## Optional
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,7 @@ Kali Linux is a Linux distribution created for penetration testing and security
|
||||||
4. Select the Kali ova file you downloaded and import it.
|
4. Select the Kali ova file you downloaded and import it.
|
||||||
5. Click the "Start" button in VirtualBox for your new Kali VM.
|
5. Click the "Start" button in VirtualBox for your new Kali VM.
|
||||||
|
|
||||||
That's it, you now have an operational Kali VM. The default credentials for the Kali VM are "kali/kali". You'll probably want to change that password. To learn more about using Kali Linux, check out the [Kali Linux Docs](https://www.kali.org/docs/). You'll need to get comfortable using Linux to be proficient at Hack the Box Labs.
|
You now have an operational Kali VM. The default credentials for the Kali VM are "kali/kali". You'll probably want to change that password. To learn more about using Kali Linux check out the [Kali Linux Docs](https://www.kali.org/docs/). You'll need to get comfortable using Linux to be proficient at Hack the Box Labs.
|
||||||
|
|
||||||
## Keep it Updated
|
## Keep it Updated
|
||||||
Kali recommends checking for updates every few weeks. Kali does not automatically pull in updates so you have to do it yourself. [This page](https://www.kali.org/docs/general-use/updating-kali/) of the Kali docs go over how to install updates. The two commands you need to use are:
|
Kali recommends checking for updates every few weeks. Kali does not automatically pull in updates so you have to do it yourself. [This page](https://www.kali.org/docs/general-use/updating-kali/) of the Kali docs go over how to install updates. The two commands you need to use are:
|
||||||
|
@ -30,5 +30,5 @@ kali@kali:~$ sudo apt full-upgrade -y
|
||||||
|
|
||||||
## Other options
|
## Other options
|
||||||
- [Parrot](https://parrotsec.org/) is another good Linux distribution for hacking.
|
- [Parrot](https://parrotsec.org/) is another good Linux distribution for hacking.
|
||||||
- [VMware Workstation Player](https://www.vmware.com/products/player.com.html) is a different desktop virtualization platform.
|
- [VMware Workstation Player](https://www.vmware.com/products/player.com.html) is a different free desktop virtualization platform.
|
||||||
- [Hack the Box Pwnbox](https://help.hackthebox.com/en/articles/5185608-introduction-to-pwnbox) is a cloud hosted Parrot Security VM that automatically connects to Hack the Box labs. You must be a Hack the Box VIP user to use this for more than 2 hours.
|
- [Hack the Box Pwnbox](https://help.hackthebox.com/en/articles/5185608-introduction-to-pwnbox) is a cloud hosted Parrot Security VM that automatically connects to Hack the Box labs. You must be a Hack the Box VIP user to use this for more than 2 hours.
|
|
@ -0,0 +1,13 @@
|
||||||
|
# Add the Box to Your Hosts File
|
||||||
|
|
||||||
|
It's common for Hack the Box machines to include web servers that respond differently to HTTP requests depending on if you're requesting the IP address directly, the hostname, or a sub-domain.
|
||||||
|
(This is called [virtual hosting](https://en.wikipedia.org/wiki/Virtual_hosting)).
|
||||||
|
For example, on the [Bucket](https://app.hackthebox.com/machines/Bucket) machine the webserver gives different responses for `http://10.10.10.212`, `http://bucket.htb`, and `http://s3.bucket.htb`.
|
||||||
|
There is no DNS service on the HTB network so you have to use your [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) to resolve host names into IP addresses.
|
||||||
|
|
||||||
|
For the Bucket machine, we'd add the following line to `/etc/hosts`:
|
||||||
|
|
||||||
|
`10.10.10.212 bucket.htb s3.bucket.htb`
|
||||||
|
|
||||||
|
You can do this easily from the command line with `sudo nano /etc/hosts` use the nano text editor to add the line.
|
||||||
|
To make sure it's working you can try `ping bucket.htb` and it should ping 10.10.10.212.
|
Loading…
Reference in New Issue