0x00sec HackTheBox Team



anyone got any flags for Stratosphere soon to retire ?


got user on MIscheif … any hints to root?

(← ∨ ↑ = ␀) #23

The #htb channel on IRC is going to be the better place to ask these questions. This thread is solely for spreading info about joining the team.

(labyrinth) #24

Is the team still going? Joined in IRC and doesn’t seem like there are many there or much conversation, i.e. no conversation so far.


Sure it is! There may be dead hours but eventually someone will pop up :wink:

(Zain) #26

We all are busy at the moment with most of us going back to school. Don’t worry, we aren’t dead yet. I for one have been busy asf lately since college has started and I’m suspecting a lot of people are having this issue, but school comes first. Just stick around.


I am hugely driven by knowledge. I’m very interested in learning from this team and being as involved as possible. Unfortunately I know about nill regarding hacking, thus I can’t even create an account on HackTheBox (which is probably incredibly easy, lol). If possible lend me a hand and I’ll gladly help this team in the future as much as possible. I have a degree in CS but as I’ve become aware very recently that doesn’t mean much in terms of hacking, but at least I have a basis of knowledge. :slight_smile:

(In love with cookies) #28

You’ll need an htb account to join the team. Read into XSS (cross site scripting), burp suite (for http intercept), some basic encryption and also refresh your basic knowledge about html, php and js. This should be enough material to create an account (and be busy for some time :P)

Propably most appreciable hint: although there are plenty tutorials on youtube and other guides on the interwebs, do not use them! Seriously, you’ll learn nothing from them and they will destroy the experience for you!


I figured it out and registered. :slight_smile:

The only hard part was determining the ecrpytion that was used on my invite code. (It was Base64, but at the time I didn’t have a way of knowing so I just bruteforced cryptography until the code looked somewhat like an invite code with equidistant dashes)… Is there a way to figure out what cryptography algorithm was used, or the best method literally bruteforce? Are there any signals which might allude to which encryption was used? I remember hearing in the IRC it’s very common for Base64 encryptions to end with a == or ===. I haven’t done research on Base64 encoding yet, so that’s something I could figure out myself, but if there’s anything you could tell me, I’d be more than grateful.

Thanks for your help! I’ll be joining the HTB team when I have more freetime. Currently a bit overworked in uni.

(In love with cookies) #30
Spoiler Alert

If I remember correctly it gives you two codes, the first one being an easy encryption (like ROT13). After decrypting that you get a message to use Base64 on the other one :thinking: I’m not sure, it’s been a while

But anyways :stuck_out_tongue: Welcome to the community!


That was true. The first ROT13 encryption told me in the metadata that it was ROT13, the second encryption didn’t specify which one, to which I bruteforced until I found it to be Base64. :slight_smile:

(system) #32

This topic was automatically closed after 30 days. New replies are no longer allowed.