Hack the Box Starting Point Walkthrough

Introduction

• Hack the Box (HTB) Starting Point is for beginners in hacking and information security.
• Three tiers, each with five or six machines — require enumeration or exploitation to answer questions.
• Different from typical HTB style (various challenges and categories). More guided, similar to TryHackMe.

Overview of HTB Gameplay

• New machine releases every week with varying information.
• Objective: Gain user and root privileges to score points.
• Little guidance provided — purpose of the Starting Point is to bridge this gap.
• Academy modules recommended per tier offer practical training.

Resources

• GitHub with resources related to Capture the Flag (CTF) and hacking recommended for more content.
• Practical guides and content creators shared via GitHub.

Connecting to HTB Labs

• Connect to VPN to access HTB labs using openvpn config file or browser-based VM (Pwnbox).
• Ensure relevant tools are installed (e.g., Kali Linux).
• Example command to connect to HTB VPN via terminal: sudo openvpn [config_file].

Enumeration of Machines

Tier Zero - Meow

• First Task: Connect to VPN.
  • Verify with ifconfig command.
  • Specific VPN required for Starting Point machines.
• Questions:
  • VM stands for Virtual Machine.
  • Use terminal to interact (answer: terminal).
  • Service to form VPN connection: OpenVPN.
  • Tunnel interface indicated by tun0 (answer: tun0).
  • Tool to test connection: ping.
  • Port scanning tool: nmap.
  • Service on Port 23 (TCP): Telnet.
  • Typical username: root.
  • Retrieve flag after logging in via Telnet.

Tier Zero - Fawn

• Questions:
  • FTP acronym: File Transfer Protocol.
  • FTP communication model: Client-server model.
  • GUI FTP program: FileZilla.
  • FTP port: 21 TCP.
  • Secure FTP acronym: SFTP.
  • Connection testing tool: ping.
  • FTP service version from nmap scan: vsftpd 3.0.3.
  • OS type from scan: Unix.
  • Login to FTP with anonymous access.
  • Retrieve flag using get flag.txt in FTP.

Tier Zero - Dancing

• Questions:
  • SMB stands for Server Message Block.
  • SMB usually operates on port: 445.
  • SMB communication model: Client-server model.
  • SMB service name on port 445: Microsoft-DS.
  • Tool to connect to SMB shares: smbclient.
  • SMB client flag to list shares: -L.
  • Access share workshares, retrieve flag.

Tier Zero - Explosion

• Questions:
  • RDP stands for Remote Desktop Protocol.
  • Command line interface acronym: CLI.
  • Graphical User Interface acronym: GUI.
  • Old remote access tool without encryption: Telnet.
  • SSH verification concept: Public key cryptography.
  • Tool for initiating desktop projection: xfreerdp.
  • Service on port 3389: ms-wbt-server.
  • Flag for target IP in xfreerdp: /v:.
  • Connect using xfreerdp and retrieve flag.

Tier Zero - Knife

• Questions:
  • Essential skill for penetration testers: Enumeration.
  • Relevant nmap flag for version detection: -sV.
  • Service on port 80: HTTP.
  • Service name and version: nginx 1.14.2.
  • Popular directory busting tool: gobuster.
  • Gobuster directory option flag: dir.
  • Find admin page: admin.php.
  • Status code for found page: 200.
  • Find and submit root flag.

Next Steps

• Video covers Tier Zero machines. Upcoming videos will cover Tier One and Tier Two challenges.
• Encouragement to explore additional HTB content such as Battleground and forum/community support.
• Final advice to engage with HTB resources and continue learning.