Prerequisite

Before starting the work on HTB machines, always add the IP address to /etc/hosts on our machine. Example:

nino@nakano:~$ cat /etc/hosts
127.0.0.1       localhost
127.0.1.1       nakano
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

#HackTheBox
10.10.11.105    horizontall.htb api-prod.horizontall.htb
.....

Common tools

Here are some commonly used tools for working on HackTheBox machines.

• nmap - for port scanning

• ffuf - directory scanning & vhost discovery

Ffuf can be used for performing directory scanning as well as vhost bruteforce (subdomain enumeration). That's why I prefer using Ffuf over other tools because this single tool can be used for multiple purposes.

• SecLists - Wordlist

Seclists is a collection of wordlists that will be very useful when performing fuzzing.

Reverse Shell

• https://reverse-shell.sh

• https://www.revshells.com

TTY Shell

"Magic trick" for achieving a stable Full TTY shell (works on bash):

user@remote-server:~$ python3 -c "import pty; pty.spawn('/bin/bash')" 

Then press CTRL+Z to pause the shell process. Next, execute the following command to disable input buffering and echo, making the reverse shell more responsive.

user@local:~$ stty raw -echo 

After that, run the following command to bring the shell process to the foreground.

user@local:~$ fg

Lastly, execute the following command to set the TERM environment variable to xterm, ensuring smooth operation of the interactive shell.

user@remote-server:~$ export TERM=xterm

• Mendapatkan Akses TTY Shell setelah Back Connect

Useful Resources

• exploitdb-bin-sploits // Exploit-Database's pre-compiled binary exploits

• Ippsec

• kashz jewels

• HackTricks

Alright, that's it for this update. I'll provide more updates later.