Bythos Bytes

Recently I won a VIP subscription to HTB . As such I headed to hack every retired machine, from easier to hardest. Unfortunately, most of the easy ones are (so far) too easy.

After gathering “all” information that I need, most of the hacks were straightforward metasploit modules and exploits ready to run. I hacked 11 easy machines so far, which isn't' a good number.

Another thing that I noticed is that, so far, most of the machines, when they step up the difficulty level, does this by including some web vulnerabilities.

Since I don't like, nor I'm an expert on webvulns, I'm currently struggling to hack some “not so easy” VMs based on this kind of vulns. Of course I do know about the OWASP guidelines and basic web tests that every analyst must perform.

I'll keep the pace as long as I can. Then, if I got tired I'll switch to the reverse and crackme challenges. It's more fun and well-suited for my skills.

Until next time,