Category: random

METASPLOIT… Use it?

To put it simply… it depends on what you’re trying to accomplish.

If your goal is nothing more than being a hobbyist and going to DEFCON and CTF events and trying to get on top of the scoreboard… then sure… use it. It’s a great tool.

If you’re starting out, sure use it. We all remember the thrill of the first password we cracked or the first shell we got right?

But if you want to truly understand the processes behind it all… try not to use it. There are other ways around it and people have done it before. There’s plenty of stuff online that will point you in the right direction. I only try to use it as a last resort. I don’t want to get dependent on a program that does a lot of the hard work for me. Plus I crave understanding why things work the way they do.

Oh, and because I don’t want to be a skiddie. I’m not being judgemental… like I said… it just depends on what you want to accomplish. But if you want to truly be a professional and get an even better sense of satisfaction when you pop a shell or get root through manual windows privilege esc (yes I finally did this earlier today… will post about it under my Optimum walkthrough), then try not to use it.

Hackthebox.eu VIP… Worth it?

Yeah… it kinda is

For those of you who are newer and are using Hackthebox.eu as a learning platform… let me let you in on a little secret… it’s okay to use walkthroughs sometimes. Guess what? You can only get the walkthroughs for hackthebox’s machines for retired machines… which you only have access to on VIP. It’s only 10 Euros a month and you can cancel whenever. That’s less than 2 Starbucks coffees for a ton more value in terms of learning.

Ignore those people who say you should never use a walkthrough because it’s showing that you’re giving up… I’m somewhat new to pentesting and guess what… I am a fast learner and I like to learn things quickly. Don’t get me wrong, I’ll spend (sometimes) hours on a box before I resort to a walkthrough if I need it… but guess what… once I finally resort to it I will NEVER forget what I did wrong or what I missed.

After all… you’re learning to exploit machines… and this stuff isn’t easy… otherwise everyone would be doing it. On here you’ll find some HTB walkthroughs because I think it’s just good for the community for me to share my findings… that’s how we all get better.