mdorante

mdorante

Posted on July 29, 2022

My Hacking Journey

This blog is basically for me to keep record of my progress in Ethical Hacking and Cybersecurity in general, but it may also help anyone starting to get into this world as well.

So a brief introduction of myself, I'm a Systems Analysis Technician and I've worked all of my career (about 3 years of experience in total) in SysAdmin/DevOps roles. At the moment I'm working as a DevOps Engineer but I'm broadening my horizons and taking a deep dive into Ethical Hacking and Pentesting which, honestly, just look cool to me. I want to look as cool as Elliot Alderson does in Mr. Robot!

I started a couple of days ago with HackTheBox, as of now I've only pwned 2/4 of the Tier 0 Starting Point machines. It's been very fun so far, the platform asks questions about tools and command line utilites and if you pay close attention, the questions you're answering are the solution to hacking the machines!

It's not much of a straight forward process and it'll be hard for anyone not familiar with Linux and usage of the command line. But don't stress if you're not familiar with this, there is no time limit and the platform gives you hints, also you can just google and do your research to complete the tasks if you need to.

Keep in mind that these are skills that probably most if not all Penetration testers dominate and use on a day to day basis, so I believe you'll have to learn it at some point if you want to pursue this path.

I'm using Kali Linux and connecting to the HackTheBox VPN with openvpn, it's as simple as running a command like this:
openvpn path/to/your/openvpn_file.ovpn

For the first machine, I connected via telnet after discovering open ports using nmap. After that, all I had to do was just use cat read the root_flag.txt file and that was the value I needed to complete the "pwning" of the machine! Then for the second machine, I also used nmap to find open ports and to find the version of FTP that was running on the open port, logged in via FTP and also read the root_flag.txt but with the less command as it seems cat is not available in the FTP command line.

These are my first steps, I'll continue blogging my progress as I keep pwning machines!

💖 💪 🙅 🚩
mdorante
mdorante

Posted on July 29, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

My Hacking Journey
cybersecurity My Hacking Journey

July 29, 2022