Hack The Box - Swagshop

Hi, i’m new here and recently begin Hack The Box challenges.I begin with Swagshop but i cant do more than a nmap scan… So if someone can help me with hints or books that i can learn i would be very grateful. :slight_smile:

1 Like

Hey there! I’d take a look at your Nmap output and continue to enumerate. What can you learn about each service on there? If there is a website, what tool can you use to enumerate the website? Continue to poke around and learn as much as you can about anything you find, and you can pwn swagshop!

The ippsec YouTube videos are very helpful for learning how some tools work, with some research into tools like dirbuster and learning a bit about how reverse shells are handled in his videos you can tackle a lot.


When you say to learn about each service on thre you mean try to find if the versions are old and have some vulnerabilities. It have a website, is using magento, probably try to find if magento has some vulnerabilities and use dirb to search for hidden web content. Thank you for the help 0xf00f77. :smile:

You should also check the very nice write up of @PresComm

1 Like

Thank you all for the support guys, i will do my best! And i will see your write up too @PresComm :slight_smile:

I think i’m on the right track. I will take more time because i want to know how the things work, the exploits, the shells, etc. If i need some help i will ask but ippsec is really good to learn, Thank you so much :slight_smile:

1 Like

If you need a little nudge, you can pm me on discord htb :slight_smile:

@W4K3Y Petruknisme#5919

Feel free to ping me

This topic was automatically closed after 30 days. New replies are no longer allowed.