Hi, i’m new here and recently begin Hack The Box challenges.I begin with Swagshop but i cant do more than a nmap scan… So if someone can help me with hints or books that i can learn i would be very grateful.
Hey there! I’d take a look at your Nmap output and continue to enumerate. What can you learn about each service on there? If there is a website, what tool can you use to enumerate the website? Continue to poke around and learn as much as you can about anything you find, and you can pwn swagshop!
The ippsec YouTube videos are very helpful for learning how some tools work, with some research into tools like dirbuster and learning a bit about how reverse shells are handled in his videos you can tackle a lot.
When you say to learn about each service on thre you mean try to find if the versions are old and have some vulnerabilities. It have a website, is using magento, probably try to find if magento has some vulnerabilities and use dirb to search for hidden web content. Thank you for the help 0xf00f77.
I think i’m on the right track. I will take more time because i want to know how the things work, the exploits, the shells, etc. If i need some help i will ask but ippsec is really good to learn, Thank you so much
If you need a little nudge, you can pm me on discord htb
Feel free to ping me
This topic was automatically closed after 30 days. New replies are no longer allowed.