sudo apt update sudo apt upgrade
hackthebox.ctb
. Create
a new top-level node named “Tier 1”. Then create some subnodes named
for the first four tier 1 machines: Appointment, Sequel, Crocodile, and
Responder.
As before, you will document your work on each of the virtual machines you attempt to hack with the goal of doing as much from memory as possible. That said, the tier 1 machines are a step up in difficulty from the tier 0 machines, so if you need to use the Walkthrough instructions to give yourself some hints, that is okay. The Walkthrough instructions do a really nice job of explaining theory behind various concepts so definitely take time to soak up all you can.
Here are some notes that may be helpful as you work with each machine:
apt install gobuster
. You will
need to use google to see some examples of how gobuster can be run.
Keep in mind that in Kali there directory /usr/share/wordlists/
contains a number of wordlists you can use. I used the medium dirbuster
list.
/etc/hosts
file in Kali. You can look at the walkthrough instructions to get
an idea of how to do it. Editing this file is a common technique
of system admins and pentesters. This would be a good one to
read the Walkthrough carefully because it provides great background
information for the kinds of attacks presented here. Even if you follow
their instructions, it will take some time. One step they don't tell
you about is that you'll need to unzip /usr/share/wordlists/rockyou.txt.gz
file using the gunzip
command.
Paste the screenshot in the Tier 1 root node and then turn in the document by uploading it into Canvas.