Compare commits
14 Commits
Author | SHA1 | Date |
---|---|---|
s00ner | 912ebccd80 | |
s00ner | 194b12c4d4 | |
s00ner | eacd33b31a | |
s00ner | 4d0716d0d7 | |
s00ner | 57bf66bc00 | |
s00ner | 1dbb06ea50 | |
s00ner | 3e1164e684 | |
s00ner | ca00ce1a79 | |
s00ner | 6c7123a590 | |
s00ner | 482a9b6316 | |
s00ner | aaa9579d3e | |
s00ner | 3017d53e21 | |
s00ner | 3ebe6f36fb | |
s00ner | 325a4fcd2b |
|
@ -1,3 +0,0 @@
|
||||||
# Garbage
|
|
||||||
|
|
||||||
This is a grabage file that will get rejected.
|
|
|
@ -3,11 +3,15 @@
|
||||||
[Welcome](./welcome.md)
|
[Welcome](./welcome.md)
|
||||||
|
|
||||||
# Getting Started
|
# Getting Started
|
||||||
|
|
||||||
- [Create an Account](getting_started/create_account.md)
|
- [Create an Account](getting_started/create_account.md)
|
||||||
- [Set Up a Hacking Machine](getting_started/machine_setup.md)
|
- [Set Up a Hacking Machine](getting_started/machine_setup.md)
|
||||||
- [Start Hacking](getting_started/start_hacking.md)
|
- [Start Hacking](getting_started/start_hacking.md)
|
||||||
|
|
||||||
|
# Hack the Box Techniques and Tools
|
||||||
|
|
||||||
|
- [Add the Box to Your Hosts File](techniques_and_tools/hosts_file.md)
|
||||||
----------
|
----------
|
||||||
|
|
||||||
# Contributing
|
[How to Contribute](contribute/how_to.md)
|
||||||
- [How to Contribute](contribute/how_to.md)
|
[Contributors](contribute/contributors.md)
|
|
@ -0,0 +1,7 @@
|
||||||
|
# Contributors
|
||||||
|
|
||||||
|
Here is a list of the contributors to this knowledgebase. Thanks everyone!
|
||||||
|
|
||||||
|
* [s00ner](https://twitter.com/Jeffers0n)
|
||||||
|
|
||||||
|
If you've made a contribution to this site please add yourself here.
|
|
@ -4,12 +4,19 @@ Have something to add to this site? Here's how.
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
The source code for this site is hosted on s00ner's Gitea server at <https://git.doublehack.me/s00ner/Baltimore-hackthebox-knowledgebase>. It's a static site built with [mdbook](https://rust-lang.github.io/mdBook/index.html) and hosted by s00ner. If you'd like to contribute you should be familiar with [Git](https://training.github.com/downloads/github-git-cheat-sheet/) and [Markdown](https://rust-lang.github.io/mdBook/format/markdown.html) which are both relatively east to learn. You do not need to worry about html or javascript since that is created by mdbook. If you browse the source files in the repository alongside the website it will become apparent how the markdown files are translated into html.
|
This knowledgebase is a static site built with [mdbook](https://rust-lang.github.io/mdBook/index.html) and hosted by s00ner. The source code is hosted on s00ner's Gitea server at <https://git.doublehack.me/s00ner/Baltimore-hackthebox-knowledgebase>. If you'd like to contribute you should be familiar with [Git](https://training.github.com/downloads/github-git-cheat-sheet/) and [Markdown](https://rust-lang.github.io/mdBook/format/markdown.html) which are both relatively easy to learn. You do not need to worry about html or javascript since that is created by mdbook. If you browse the source files in the repository alongside the website it will become apparent how the markdown files are translated into html.
|
||||||
|
|
||||||
## Details
|
## Details
|
||||||
This is how you can get set up to start making changes and adding new pages.
|
This is how you can get set up to start making changes and adding new pages.
|
||||||
|
|
||||||
### Request a Giteea Account
|
### TL;DR
|
||||||
|
Here's the quick version:
|
||||||
|
1. Ask s00ner for an account on the [Gitea sever](https://git.doublehack.me).
|
||||||
|
2. Fork the [repository](https://git.doublehack.me/s00ner/Baltimore-hackthebox-knowledgebase).
|
||||||
|
3. Make your changes into your forked repository, commit them, push to the server.
|
||||||
|
4. Submit a pull request to merge you changes into the upstream repository.
|
||||||
|
|
||||||
|
### Request a Gitea Account
|
||||||
The [Gitea sever](https://git.doublehack.me) has new user registration turned off to prevent random people on the internet from creating accounts. Send s00ner a message on Discord with your desired username and your email address and I'll create an account for you.
|
The [Gitea sever](https://git.doublehack.me) has new user registration turned off to prevent random people on the internet from creating accounts. Send s00ner a message on Discord with your desired username and your email address and I'll create an account for you.
|
||||||
|
|
||||||
#### Optional - SSH Key Setup
|
#### Optional - SSH Key Setup
|
||||||
|
@ -37,3 +44,5 @@ Some general stuff to help you out.
|
||||||
- You might have noticed a file `Jenkinsfile` in the repo. Please do not modify this. Any pull requests with changes to this file will be rejected.
|
- You might have noticed a file `Jenkinsfile` in the repo. Please do not modify this. Any pull requests with changes to this file will be rejected.
|
||||||
- If you have created a new page, make sure to update `SUMMARY.md` to link to your page so it will show up in the sidebar.
|
- If you have created a new page, make sure to update `SUMMARY.md` to link to your page so it will show up in the sidebar.
|
||||||
- Keep your personal fork up to date. As time passes and changes get made to the upstream repo you working fork will fall behind. You can resync it with upstream by using a Pull Request in the web UI or on the command line following [this guide](https://www.freecodecamp.org/news/how-to-sync-your-fork-with-the-original-git-repository/).
|
- Keep your personal fork up to date. As time passes and changes get made to the upstream repo you working fork will fall behind. You can resync it with upstream by using a Pull Request in the web UI or on the command line following [this guide](https://www.freecodecamp.org/news/how-to-sync-your-fork-with-the-original-git-repository/).
|
||||||
|
- Remember to spell check. Most text editors don't have any spell checking by default so remember to use a spell checking plugin or run an external spell checker.
|
||||||
|
- If you've made a contribution to the site, add yourself to the [Contributors](contribute/contributors.md) page.
|
|
@ -6,7 +6,7 @@ Back in the day you had to hack your way into creating a Hack the Box account bu
|
||||||
2. Pick a username, enter your email address, set a password, and click "Register"
|
2. Pick a username, enter your email address, set a password, and click "Register"
|
||||||
3. Hack the Box will email you a verification link. Open the email and click "Verify Your Email"
|
3. Hack the Box will email you a verification link. Open the email and click "Verify Your Email"
|
||||||
|
|
||||||
That's all, you now have a Hack the Box account and can start on the labs.
|
That's all. You now have a Hack the Box account and can start on the labs.
|
||||||
|
|
||||||
## Optional
|
## Optional
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,7 @@ Kali Linux is a Linux distribution created for penetration testing and security
|
||||||
4. Select the Kali ova file you downloaded and import it.
|
4. Select the Kali ova file you downloaded and import it.
|
||||||
5. Click the "Start" button in VirtualBox for your new Kali VM.
|
5. Click the "Start" button in VirtualBox for your new Kali VM.
|
||||||
|
|
||||||
That's it, you now have an operational Kali VM. The default credentials for the Kali VM are "kali/kali". You'll probably want to change that password. To learn more about using Kali Linux, check out the [Kali Linux Docs](https://www.kali.org/docs/). You'll need to get comfortable using Linux to be proficient at Hack the Box Labs.
|
You now have an operational Kali VM. The default credentials for the Kali VM are "kali/kali". You'll probably want to change that password. To learn more about using Kali Linux check out the [Kali Linux Docs](https://www.kali.org/docs/). You'll need to get comfortable using Linux to be proficient at Hack the Box Labs.
|
||||||
|
|
||||||
## Keep it Updated
|
## Keep it Updated
|
||||||
Kali recommends checking for updates every few weeks. Kali does not automatically pull in updates so you have to do it yourself. [This page](https://www.kali.org/docs/general-use/updating-kali/) of the Kali docs go over how to install updates. The two commands you need to use are:
|
Kali recommends checking for updates every few weeks. Kali does not automatically pull in updates so you have to do it yourself. [This page](https://www.kali.org/docs/general-use/updating-kali/) of the Kali docs go over how to install updates. The two commands you need to use are:
|
||||||
|
@ -30,5 +30,5 @@ kali@kali:~$ sudo apt full-upgrade -y
|
||||||
|
|
||||||
## Other options
|
## Other options
|
||||||
- [Parrot](https://parrotsec.org/) is another good Linux distribution for hacking.
|
- [Parrot](https://parrotsec.org/) is another good Linux distribution for hacking.
|
||||||
- [VMware Workstation Player](https://www.vmware.com/products/player.com.html) is a different desktop virtualization platform.
|
- [VMware Workstation Player](https://www.vmware.com/products/player.com.html) is a different free desktop virtualization platform.
|
||||||
- [Hack the Box Pwnbox](https://help.hackthebox.com/en/articles/5185608-introduction-to-pwnbox) is a cloud hosted Parrot Security VM that automatically connects to Hack the Box labs. You must be a Hack the Box VIP user to use this for more than 2 hours.
|
- [Hack the Box Pwnbox](https://help.hackthebox.com/en/articles/5185608-introduction-to-pwnbox) is a cloud hosted Parrot Security VM that automatically connects to Hack the Box labs. You must be a Hack the Box VIP user to use this for more than 2 hours.
|
|
@ -0,0 +1,13 @@
|
||||||
|
# Add the Box to Your Hosts File
|
||||||
|
|
||||||
|
It's common for Hack the Box machines to include web servers that respond differently to HTTP requests depending on if you're requesting the IP address directly, the hostname, or a sub-domain.
|
||||||
|
(This is called [virtual hosting](https://en.wikipedia.org/wiki/Virtual_hosting)).
|
||||||
|
For example, on the [Bucket](https://app.hackthebox.com/machines/Bucket) machine the webserver gives different responses for `http://10.10.10.212`, `http://bucket.htb`, and `http://s3.bucket.htb`.
|
||||||
|
There is no DNS service on the HTB network so you have to use your [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) to resolve host names into IP addresses.
|
||||||
|
|
||||||
|
For the Bucket machine, we'd add the following line to `/etc/hosts`:
|
||||||
|
|
||||||
|
`10.10.10.212 bucket.htb s3.bucket.htb`
|
||||||
|
|
||||||
|
You can do this easily from the command line with `sudo nano /etc/hosts` use the nano text editor to add the line.
|
||||||
|
To make sure it's working you can try `ping bucket.htb` and it should ping 10.10.10.212.
|
Loading…
Reference in New Issue