What I like about the videos is that you allow yourself to make mistakes and keep going, you don't cut or edit anything. For those of us just starting out, this is helpful because we can empathize with the situation and see in real-time how you resolve problems when they arise. Thank you, greetings from Argentina.
Thanks mate, appreciated! The longer I've been making videos the more I've got in the habit of cutting parts out so as not to waste viewers time but maybe after your feedback I'll return to a more raw format 🥰
this guy is the guy I wanna be in about 2/3 years. If I am consistent and keep practicing I feel like I can get to this level and he gives me hope. Thanks so much for the content! new subscriber here
One tool I really like for learning or remembering command usage rather than -h or man is tldr. It's a node/npm package that just gives a nice quick list of example usages for any particular command so you don't have to try to parse through all the help text for common usages.
I’m new to cybersecurity/hacking. I decided to just simply search for some HTB videos and this came up. It’s given me more confidence to keep moving forward with learning these skills. I’m pumped! Thanks for the awesome content.
I've been on HTB Academy since last year and I am always afraid to tackle these Machines, but seeing your walkthrough gave me courage! Took me at least 40+ mins to PWN Meow hahahaha before I saw this video. sometimes my nmap doesnt scan quite as fast as yours does. Thank you so much for the awesome content!
@@_CryptoCat Ohhh!! Hahahaha I thought I was just trippin, I always suspend the command and do another command 😂😂😂 cause I cant wait like 10 mins. Its usually longer right?
@@DONUTSKIE It depends on the box (and your network), I typically use Masscan to scan all 65k TCP and 65k UDP ports as it's very fast. Then I feed the open ports into NMap for service discovery, scripts etc. You can also run NMap with the -vv option so you'll see the open ports as they are discovered, without needing to wait for the scan to complete 😉
@@CaptainAeroz If you get lost, check out the walkthroughs/writeups or do some background research on whatever you're confused about.. e.g. if you working on a challenge that requires nmap and you have no idea what that is or how to use it, go and read the documentation or watch a tutorial etc. Knowledge is incremental, learning is the important thing, not how fast you get there.
Honestly man when I started out I had no idea what anything was or what any of it did but watching enough videos and trying the boxes out with a temp mail account or 12 and you can really try it out for a couple of days. There’s loads of free online resources for everything you’ll need and everything you’ll want to learn as well
Ive loved computers and machines all my life, ever since I played my mom's ipad when I was like 4. Unfortunately, my highschool let me down and they don't have any kind of cyber security programs of classes. Guess I need to start learning myself if I wanna have a chance at getting a degree.
thanks 😁 here's a screenshot of the colour palette: imgur.com/a/EXSO6l0 the only problem is when running some scripts e.g. LinPEAS, the colours wont be very useful 😆
No need to specify "-sS" when running nmap with root privileges, because it automatically runs a SYN scan by default when available. Your machine prob just needed a few more seconds to fully boot
For anybody else that has absolutely no idea what they are doing but are trying to follow along & are in the comment sections because you are trying to see if there are other people that have absolutely no idea whats going on then you have come to the right place, its me…. I have no idea whats going on after trying many things lol don’t worry guys we are going to get through this.
Thanks mate! My Linux VM is Parrot OS, but tbh I'll be swapping back to Kali next time I make a VM (Parrot is soooo slow to update packages rn). My Windows VM is Commando VM by Mandiant (kind of a Windows version of Kali) but I also plan to swap it with a standard Windows VM when I cba because it's really overkill for my needs (takes a lot of space, low performance).
Definitely learn the basics first.. This is an introduction to penetration testing but that in itself is a niche area of computing. There's lots of videos out there covering the basics of linux, networking, web fundamentals etc which will help provide a base of knowledge to make pen-testing easier. If you have any specific questions (any basics you're unsure about), do let me know!
Thanks for the video man! I rly wanted to learn cybersecurity and decided to start with doing hacktheboxes and I found you. Well, lucky for me, this was a very fun experience and I also learned a lot of new stuff. Keep going!
Hi @crypto cat. Thanks for doing this . I just want to mention that with a KAli VM in VMware workstation I am unable to connect my terminal in there - I ran the command openvpn startingpoint.ovpn but after saying initiatlisation completed nothing else happens. RIght I am connected to the OpenVpn on my Windows PC and it is green on HTB so I can follow the walkthrough in this video but cannot do the technical part because of the explanation of my challenge i mentioned earlier.
Hey, you said nothing happens.. Has it worked before? Are you able to ping the machine from your VM? Have you tried to reset VM? Reset VPN? Regenerate VPN pack? Switch servers? Checked the HTB discord/forum for support?
I'm going back to school for cybersecurity this year. Studying for the A+ and the Sec+. I've been having a problem getting The machines to ping. I'm connected to the VPN and I can ping the tunnels but then I'll go to ping the machine and nothing happens
I would check on the HTB forums or discord, there's probably some troubleshooting steps and tech support if all else fails. Good luck with your studies! 🙂
Of course! You can check it here: imgur.com/a/gCnvq8A - beware that some tools really benefit from a standard colour profile though, e.g. linpeas, so it's good to create a separate profile that you can easily swap between 🙂
I just do everything in a VM, to keep my personal PC separate from my hacking.. It's not so much for security as it is to keep my main system clean of tools, files or other artefacts. VMs of course provide the additional security too though!
If you don't understand this video, where do you go? I am dying to start pentesting but I don't understand half I read :( I can download and install Linux in a VM, but from there I am lost. Who in YT can help?
Any particular you don't understand? Probably the best recommendation is to check the official PDF walkthrough (and some other walkthroughs on Google) as it may have more detailed steps. If there's a part of the video/walkthrough you really don't get, e.g. NMap scans, then go and look for videos/writeups/tutorials specific to that tool/idea you are unsure about. HackTheBox academy has some really nice beginner-focused content as well 🙂
Well starting point is literally kicking my a**. I smoked an entire pack today working at it. Even when i follow the walkthrough (for preignition) i can't finish it. Says it can't run go buster for some reason.
throw the gobuster errror into chatgpt and see what it says.. or try a different tool, e.g. dirb, dirbuster, ffuf You'll get there but it takes time, not going to happen overnight 👊
Yep, you'll need to connect with openvpn using the .ovpn file. Other operating systems will do but kali/parrot are probably the most popular. Alternatively, you can checkout the HTB pwnbox which is like a parrot VM running in the browser.
Hi CryptoCat, I am really liking HTB, but i keep getting VPN disconnects on the website, even though ifconfig still shows a "tun" connection. I have tried classic HTB too with no change. Any tips?
Hmmm you could try and swap server / generate a new VPN connection pack. Does the tun adapter still have an IP address when it disconnects? If you keep running into issues try the support channel in discord.gg/hackthebox 😉
Hello sir When I try sudo nmap -sV ipaddress of the machine it takes more time is it usual or is there any problem in my nmap tool and also in command Starting nmap 7.92 at end for you after timing GMT is shown but for me it shows +530 after timing but I have 7.93 version
Hi mate, I've not had many problems with the speed but a couple of suggestions; you could use rustscan to scan TCP ports (it's very fast) or do what I do, use masscan to scan all 65k TCP *and* UDP ports, then feed the open ones to nmap (maybe you're doing this already, not sure if I mentioned in the video). You can also check for posts on HTB forum/reddit/discord as you are certainly not the only person to experience this issue: forum.hackthebox.com/t/why-nmap-scanning-is-too-slow/2352
@@_CryptoCat Brother Sorry for asking this type of silly questions Is it ok to learn from tutorial as a beginner and apply on capture the flag or is there anything learn before doing this type of capture the flag on hack the box lab ? Can you give some suggestions bro pls 🙏
@@jeonmichael1482 It's definitely OK to do that. I'd recommend get stuck into CTFs and HTB, if you can't find the flags or root the boxes, follow tutorials/writeups until you can 🙂
yo I got a issue, im on parrot os and I can't install xfreerdp (package "freerdp-x11" has no installation candidate). It refers me to install freerdp2-x11, but it also errors: freerdp2-x11 : Depends: libfreerdp-client2-2 (= 2.3.0+dfsg1-2+deb11u1) but 2.9.0+dfsg1-1~bpo11+1 is to be installed E: Unable to correct problems, you have held broken packages. I've searched for answers but found none, tried apt update, apt upgrade, apt --fix-broken install -y, nothing is working and im pretty sure some libraries are broken or something.
actually it's just the default terminal that comes install on the parrotos, i just changed the colours: imgur.com/a/kcFR9id - i kinda wanna swap to tmux for some additional functionality but i'm just so used to things the way they are 😅
The HTB starting point is aimed at absolute beginners *but* some general knowledge about IT/networks will really help. TryHackMe is a bit more guided so if you find HTB wayyy too hard, check it out first 😉
In the dancing challenge i am getting "Warning: .......... giving up on port because retransmission cap hit (10)." please let me know how to get rid of it
I use Kali through Windows remote desktop and did xrdp wsl2 to get the kali gui. I have ubuntu and kali app on windows. Do i need to download ubuntu again on the remote desktop? thanks.
Probably a connectivity issue, you could try and ping the box. If no response, double check your VPN connection and reboot the machine. If that fails, maybe try and swap VPN servers (re-download the connection pack).
i dont see why not! there's instructions for installing kali on pi 4: www.kali.org/docs/arm/raspberry-pi-4/ the better the spec, the better the performance will be of course but it should be fine for learning 😉
@@_CryptoCat yeah i know but wanna make sure that it can handle multi threading while using tools like hydra, gobuster, burpsuite, etc... so i guess i have to add some fans to it
Most do but some are non-monetized or limited. I have ads on the lowest permittable setting though and YT really doesn't pay much. This is my most profitable video, earning me a grand total £17 since I released it nearly a year ago 🤑
Here's a screenshot of the theme settings, which I adapted from a DefCon theme I saw on reddit: imgur.com/a/gCnvq8A Only thing I'd say is when using certain tools, e.g. LinPeas, the colours won't be very helpful (for identifying what is most vulnerable). Best to keep an OG profile that you can quickly swap to when running certain tools 😉
@@michaelinzo OK, so you connect your VM to the HTB VPN and you *can* ping the target machine, but can't telnet/SSH on *any* box? Has it been a long running issue? Did you say you're using Windows? Any AV/Firewall issues?
@@_CryptoCat Yeah I can ping and stuff etc. and yeah I have Bitdefender currently installed but I already add exemption to VM workstation IP. I got AV because there's a lot of attacks recently and I need to be really careful.
@@michaelinzo If you disable your Bitdefender for a min does it work? I've had endless problems with security software interfering with VMs I use for malware analysis, pen-testing etc. I had to switch from Bitdefender to Kaspersky a few years ago because they were unable to provide enough flexibility for me to do my academic research, i.e. even when fully disabled, their software blocked my lab machine functionality. If might not be your AV/firewall but the best way to troubleshoot is via process of elimination.. Check more steps here: wpastra.com/guides-and-tutorials/ssh-connection-refused/
Did you stop the active machine? 😁 You should be able to see it along the navigation bar at the top. If that fails, logout/login or switch VPN server 😉
I’m doing Fawn on their pwnbox and everytime I get down to finding the flag in ftp it says command not found and then when I use Sudo it asks for a password that it never takes. Someone please help!!!!
Just in case anyone needs the answer to this problem after you enter command 'get flag.txt' you need to open a new tab in the terminal and enter 'ls' then 'cat flag.txt' which will open the text if you followed the steps. Hope that helps.
@@_CryptoCat Thanks! I’m new to the cybersecurity space and I'm looking to get some practice and experience under by belt. I'm just having trouble getting this VPN to connect. I'm currently running out MAC
i don't have xfreerdp install on my parrot os. When i try to install i get an error " The following packages have unmet dependencies: freerdp2 -x11 : Depends: libfreerdp-client2-2 (= 2.3.0+dfsg1-2+deb11u11) but 2.7.0+dfsg1-1~bpo11+1 is to be installed" . Can someone please help me with this issue. Thanks.
how do i use a linux terminal if i have windows as my OS? can i use a virtual machine from virtual box and run OVPN on it and just do all the challenges on it?
What I like about the videos is that you allow yourself to make mistakes and keep going, you don't cut or edit anything. For those of us just starting out, this is helpful because we can empathize with the situation and see in real-time how you resolve problems when they arise. Thank you, greetings from Argentina.
Thanks mate, appreciated! The longer I've been making videos the more I've got in the habit of cutting parts out so as not to waste viewers time but maybe after your feedback I'll return to a more raw format 🥰
@@_CryptoCat yeah i always like the raw format, please
this guy is the guy I wanna be in about 2/3 years. If I am consistent and keep practicing I feel like I can get to this level and he gives me hope. Thanks so much for the content! new subscriber here
That's it mate! Stick with it and you'll get there in no time 🔥
How is going after 9 months?
@@mrsheep5848 how is going after 9 months and 3 weeks?
@@mrsheep5848 I think he is a elite hacker by now
how are you an year later?
One tool I really like for learning or remembering command usage rather than -h or man is tldr. It's a node/npm package that just gives a nice quick list of example usages for any particular command so you don't have to try to parse through all the help text for common usages.
That's gonna come in super handy! Thanks for sharing 💜
just installed it, i love !
But one think some time I forget to play a day the point will automatically loss or nothing to loss
Legend 👍
I already have used this to find commands quickly more than couple of times in last one hour only. Thanks for sharing this
I’m new to cybersecurity/hacking. I decided to just simply search for some HTB videos and this came up. It’s given me more confidence to keep moving forward with learning these skills. I’m pumped! Thanks for the awesome content.
Thanks mate, great to hear! 🥰
How is your progress so far?
How it going
Real
I've been on HTB Academy since last year and I am always afraid to tackle these Machines, but seeing your walkthrough gave me courage! Took me at least 40+ mins to PWN Meow hahahaha before I saw this video. sometimes my nmap doesnt scan quite as fast as yours does. Thank you so much for the awesome content!
Awww that's really nice to hear, TY 🥰 Haha d/w my NMap is probably not much different to yours - I edit out the long wait times 😉
@@_CryptoCat Ohhh!! Hahahaha I thought I was just trippin, I always suspend the command and do another command 😂😂😂 cause I cant wait like 10 mins. Its usually longer right?
@@DONUTSKIE It depends on the box (and your network), I typically use Masscan to scan all 65k TCP and 65k UDP ports as it's very fast. Then I feed the open ports into NMap for service discovery, scripts etc. You can also run NMap with the -vv option so you'll see the open ports as they are discovered, without needing to wait for the scan to complete 😉
I like it too, keep it up bro :)
dir busting... I would never figure this out :D Spend like 30 mins googling for this answer and luckly found you channel :) Thanks !
awesome! welcome my friend 🥰
Just Logged in today in HTB and every things is going above my head !!
gottta Learn Moreeeeee!!!!!!
that's it mate, you'll get there! 🙂
Incredible content mate, truly impressed here with precision of the information and conciseness. Looking forward to more content from you sir.
thanks mate, appreciate it! 💜
"very easy" meanwhile im completely lost.
Difficulty is always contextual (running is "very easy", but not if you don't know how to walk), you'll get there! 👊
But how am I supposed to get there if this is the easiest and I’m still lost? How am I supposed to learn with that?
@@CaptainAeroz If you get lost, check out the walkthroughs/writeups or do some background research on whatever you're confused about.. e.g. if you working on a challenge that requires nmap and you have no idea what that is or how to use it, go and read the documentation or watch a tutorial etc. Knowledge is incremental, learning is the important thing, not how fast you get there.
I have no idea what any of this even is tho
Honestly man when I started out I had no idea what anything was or what any of it did but watching enough videos and trying the boxes out with a temp mail account or 12 and you can really try it out for a couple of days. There’s loads of free online resources for everything you’ll need and everything you’ll want to learn as well
they should be offering this video on the site for me and my fellow dummies
😂🙏
Great content! I love the flow you have as you go through these. Very natural and authentic.
Thank you! Very much appreciate it 😊
Since making this video, HackTheBox have added more tier 0 machines:
Redeemer: ruclips.net/video/usZ78an3jXE/видео.html
I liked it, waiting for the next tier :)
thanks bro 🥰
Ive loved computers and machines all my life, ever since I played my mom's ipad when I was like 4. Unfortunately, my highschool let me down and they don't have any kind of cyber security programs of classes. Guess I need to start learning myself if I wanna have a chance at getting a degree.
My high school was the same unfortunately! Never too late to start learning 😉
its hard to understand but its ok 😊 web CTF in detail for beginners 🙏🙏🙏 love form INDIA
thanks mate 🥰🥰🥰
Thank you for your for sharing your experience here
No problem! 🥰
Finally got a way to start learning hacking … finally!
🔥
this video helped me a lot. keep it up. thanks
Thanks mate 🙏🥰
Which Linux do you use buddy? Really enjoyed that Video. Greetings from Germany
Thanks mate! I'm using ParrotOS at the moment but Kali Linux is also a great distribution for learning pentesting 😊
This was VERY helpful, thank you!!!
🙏🥰
Very well explained. Thank you
🙏🥰
I'm newbie, i'm from in VietNam, thanks you so much for the ibformation
Thanks mate! I love Vietnam, will try and get back out there next year 💜
Dope! Thanks dude
npz! 👊
Really good job, thanks from Russia 🇷🇺👍🏻
thanks mate 🥰
Yooooo what theme is that for the parrot terminal that's the coolest terminal theme I've ever seen!
thanks 😁 here's a screenshot of the colour palette: imgur.com/a/EXSO6l0
the only problem is when running some scripts e.g. LinPEAS, the colours wont be very useful 😆
No need to specify "-sS" when running nmap with root privileges, because it automatically runs a SYN scan by default when available. Your machine prob just needed a few more seconds to fully boot
nice, ty! 💜
Appreciate it, man. Thanks.
太棒了务必坚持更新下去
谢谢你
Thank you ❤️ it was really helpful
For anybody else that has absolutely no idea what they are doing but are trying to follow along & are in the comment sections because you are trying to see if there are other people that have absolutely no idea whats going on then you have come to the right place, its me…. I have no idea whats going on after trying many things lol don’t worry guys we are going to get through this.
Thanks for the video
&
Can you make a video about recon in real websites
Really appreciate this video!!!
thanks mate! 🥰
Hi! Amazing Video! what OS are you using?
Thanks mate! My Linux VM is Parrot OS, but tbh I'll be swapping back to Kali next time I make a VM (Parrot is soooo slow to update packages rn). My Windows VM is Commando VM by Mandiant (kind of a Windows version of Kali) but I also plan to swap it with a standard Windows VM when I cba because it's really overkill for my needs (takes a lot of space, low performance).
@@_CryptoCat Amazing! Thank you mate!
great walkthrought!
thanks mate 🥰
Are these starting points going to be helpful if I want to become a pro and I am starting from zero.
Sure! You've got to start somewhere 🙂
I guesa i understand the plattform now. ty
Why do start doing tasks before even learning the basics? Did I miss that part? Thanks!
Definitely learn the basics first.. This is an introduction to penetration testing but that in itself is a niche area of computing. There's lots of videos out there covering the basics of linux, networking, web fundamentals etc which will help provide a base of knowledge to make pen-testing easier. If you have any specific questions (any basics you're unsure about), do let me know!
@@_CryptoCat i appreciate it!
Thanks for the video man! I rly wanted to learn cybersecurity and decided to start with doing hacktheboxes and I found you. Well, lucky for me, this was a very fun experience and I also learned a lot of new stuff. Keep going!
Love to hear it! Thanks mate 🥰
@@_CryptoCat Btw do you know how I can install nmap on parrot os? I tried it but I can't do it
@@jake5129. Is NMap not pre-installed? I would be very shocked if that's the case but if so "sudo apt install nmap" 😉
Anyone else just casually take the Firefox flash bang every time he tabs over?
Do I need to know Java, ASP, PHP, Bash, Python, and the rest of the Programming Language to solve the HackTheBox challenges?
Nope! Generally, being able to read code is useful but you don't need to be an expert in any one language.
Hi @crypto cat. Thanks for doing this . I just want to mention that with a KAli VM in VMware workstation I am unable to connect my terminal in there - I ran the command openvpn startingpoint.ovpn but after saying initiatlisation completed nothing else happens. RIght I am connected to the OpenVpn on my Windows PC and it is green on HTB so I can follow the walkthrough in this video but cannot do the technical part because of the explanation of my challenge i mentioned earlier.
Hey, you said nothing happens.. Has it worked before? Are you able to ping the machine from your VM? Have you tried to reset VM? Reset VPN? Regenerate VPN pack? Switch servers? Checked the HTB discord/forum for support?
Thanks very much
Any time! 👊
only 4 machine is free now and i have to pay for those upgrade vip why is that?
Looks like they have updated the questions
Awesome tutorial
thanks mate! 🥰
Thanks alot buddy
Any time mate! 👊
Well explained !
thank you! 🙏
I'm going back to school for cybersecurity this year. Studying for the A+ and the Sec+. I've been having a problem getting The machines to ping. I'm connected to the VPN and I can ping the tunnels but then I'll go to ping the machine and nothing happens
I would check on the HTB forums or discord, there's probably some troubleshooting steps and tech support if all else fails. Good luck with your studies! 🙂
@@_CryptoCat thank you, I'll check it out tonight after work
Thank youuuuu
It helps me a lot =)))
aww thank you! love the profile pic 😁
Can you share your terminal color text sir ? I very love it .
Of course! You can check it here: imgur.com/a/gCnvq8A - beware that some tools really benefit from a standard colour profile though, e.g. linpeas, so it's good to create a separate profile that you can easily swap between 🙂
The begining was very rough.. Especially since you took a different route connecting to a VPN by using grep.... Very confusing..
Sorry about that! I like to try and get people to see bash aliases early, as it's a great feature 😆
why do you connect to hackthebax wepage frum the VM?. Any risks connecting on the laptop itself?
I just do everything in a VM, to keep my personal PC separate from my hacking.. It's not so much for security as it is to keep my main system clean of tools, files or other artefacts. VMs of course provide the additional security too though!
Which video recording program are you using ?
Very good and top
Thank you! 💜
thank you, you are amazing =)
awww thank *you* 💜
Are you doing Kali on a virtual machine?
I'm using Parrot OS but Kali is also good!
Hey I don't if you read my meassage but in today's date they added vip subscription for this basics is there any soln for this?
Oh no! I didn't hear about that 😞
when I scan the port of Meow
with Nmap , it is showing filtered and I am not being able to connect to it.
Hmmm if you are running the same scan as in the video, try to reset the machine. It can take a couple of mins for services to fully boot as well.
@@_CryptoCat yes it works thanks
what vm are you using and what app are u using?
Using VMWare workstation. Not sure which app you mean? Maybe the operating system.. if so, it's Parrot OS 😉
If you don't understand this video, where do you go? I am dying to start pentesting but I don't understand half I read :( I can download and install Linux in a VM, but from there I am lost. Who in YT can help?
Any particular you don't understand? Probably the best recommendation is to check the official PDF walkthrough (and some other walkthroughs on Google) as it may have more detailed steps. If there's a part of the video/walkthrough you really don't get, e.g. NMap scans, then go and look for videos/writeups/tutorials specific to that tool/idea you are unsure about. HackTheBox academy has some really nice beginner-focused content as well 🙂
@@_CryptoCat Thank you so much for answering. I will look for pdf tutorials and keep on going from there. 🤩
Well starting point is literally kicking my a**. I smoked an entire pack today working at it. Even when i follow the walkthrough (for preignition) i can't finish it. Says it can't run go buster for some reason.
throw the gobuster errror into chatgpt and see what it says.. or try a different tool, e.g. dirb, dirbuster, ffuf
You'll get there but it takes time, not going to happen overnight 👊
Just heard about HTB yesterday. So do I need to install Kali Linux to use the OVPN?
Yep, you'll need to connect with openvpn using the .ovpn file. Other operating systems will do but kali/parrot are probably the most popular. Alternatively, you can checkout the HTB pwnbox which is like a parrot VM running in the browser.
Alright cool. I have Linux Mint installed for one of my classes. Would it work on that or does it need to be Kali to use .ovpn?
@@TheWaken Linux Mint should be fine. If openvpn isn't pre-installed, it'll be easy enough to setup 🙂
@@_CryptoCat Cool, thank you.
Props
Hi CryptoCat, I am really liking HTB, but i keep getting VPN disconnects on the website, even though ifconfig still shows a "tun" connection. I have tried classic HTB too with no change. Any tips?
Hmmm you could try and swap server / generate a new VPN connection pack. Does the tun adapter still have an IP address when it disconnects? If you keep running into issues try the support channel in discord.gg/hackthebox 😉
Hello sir When I try sudo nmap -sV ipaddress of the machine it takes more time is it usual or is there any problem in my nmap tool and also in command Starting nmap 7.92 at end for you after timing GMT is shown but for me it shows +530 after timing but I have 7.93 version
Hi mate, I've not had many problems with the speed but a couple of suggestions; you could use rustscan to scan TCP ports (it's very fast) or do what I do, use masscan to scan all 65k TCP *and* UDP ports, then feed the open ones to nmap (maybe you're doing this already, not sure if I mentioned in the video). You can also check for posts on HTB forum/reddit/discord as you are certainly not the only person to experience this issue: forum.hackthebox.com/t/why-nmap-scanning-is-too-slow/2352
@@_CryptoCat ok 👍 Thanks for your reply 🥰 you are the reason i believe and started learning on CTF thanks for your hard work 👍
@@jeonmichael1482 Awww thanks mate, keep it up! 👊
@@_CryptoCat Brother Sorry for asking this type of silly questions Is it ok to learn from tutorial as a beginner and apply on capture the flag or is there anything learn before doing this type of capture the flag on hack the box lab ? Can you give some suggestions bro pls 🙏
@@jeonmichael1482 It's definitely OK to do that. I'd recommend get stuck into CTFs and HTB, if you can't find the flags or root the boxes, follow tutorials/writeups until you can 🙂
are you doing this in a VM or your actual computer?
Always inside a VM!
@@_CryptoCat thank you so much for the reply you’re a life saver 😁
this is fucking awesome.
thank you! 💜
What is the second window being used to get the info. Command prompt or something else?
Which part of the video? Can you give timestamp?
Tysm
💜
is there a way to get the virtual machine for longer then 2 hours?
I doubt it 😞
yo I got a issue, im on parrot os and I can't install xfreerdp (package "freerdp-x11" has no installation candidate). It refers me to install freerdp2-x11, but it also errors:
freerdp2-x11 : Depends: libfreerdp-client2-2 (= 2.3.0+dfsg1-2+deb11u1) but 2.9.0+dfsg1-1~bpo11+1 is to be installed
E: Unable to correct problems, you have held broken packages.
I've searched for answers but found none, tried apt update, apt upgrade, apt --fix-broken install -y, nothing is working and im pretty sure some libraries are broken or something.
nevermind, got it working, had to downgrade some packages for some reason
uno the terminal ur using whered u get it from
actually it's just the default terminal that comes install on the parrotos, i just changed the colours: imgur.com/a/kcFR9id - i kinda wanna swap to tmux for some additional functionality but i'm just so used to things the way they are 😅
@@_CryptoCat when i idownload parrotos then what cause when i open it nothing happenes
@@easharsidhu9339 hmmm you mean when you open the terminal? you can right click and go into the preferences to get up the user options
Do you have any videos for the absolute beginner?
The HTB starting point is aimed at absolute beginners *but* some general knowledge about IT/networks will really help. TryHackMe is a bit more guided so if you find HTB wayyy too hard, check it out first 😉
thank you!!!!!!!!!!!!!
🥰
i dont have access to a good computer, does hackthebox work on the phone?
Hmmmm maybe with the help of their pwnbox, but I can't imagine it's a nice experience xD
In the dancing challenge i am getting "Warning: .......... giving up on port because retransmission cap hit (10)." please let me know how to get rid of it
Tried to reboot the box + VPN?
I use Kali through Windows remote desktop and did xrdp wsl2 to get the kali gui. I have ubuntu and kali app on windows. Do i need to download ubuntu again on the remote desktop? thanks.
Ermm I'm not too sure what this is referring to, can you timestamp the video where you are stuck? You shouldn't need Kali AND Ubuntu 🤔
telnet: Unable to connect to remote host: No route to host
what should i do bro ?
Probably a connectivity issue, you could try and ping the box. If no response, double check your VPN connection and reboot the machine. If that fails, maybe try and swap VPN servers (re-download the connection pack).
@@_CryptoCat Thank u so much
Gotta doubt...
Do you think i can do web app penetration testing and ctf's in a rasberry pi 4 with a 8 GB ram??
i dont see why not! there's instructions for installing kali on pi 4: www.kali.org/docs/arm/raspberry-pi-4/
the better the spec, the better the performance will be of course but it should be fine for learning 😉
@@_CryptoCat yeah i know but wanna make sure that it can handle multi threading while using tools like hydra, gobuster, burpsuite, etc...
so i guess i have to add some fans to it
whent i type ftp in the terminal it says the command isnt found ?
try "sudo apt-get install ftp"
IT's fantastic!
🥰🥰🥰
its not giving me to do explosion , it says i need to upgrade
Which tool says this? Can you give the full output?
So these videos don’t get monitize by RUclips???
Most do but some are non-monetized or limited. I have ads on the lowest permittable setting though and YT really doesn't pay much. This is my most profitable video, earning me a grand total £17 since I released it nearly a year ago 🤑
how did you make your cursor always hand cursor?
magic
good question lmao.. i have no idea xD
Um i have no idea where the vpn is downloaded? do i download it through the terminal or my own user? how do i access it through the terminal?
3:10
I watch ... I learn ... I practice .... more practice ...
I am a white hacket 😅
This is the way 🙏
How did you get your text colors for your terminal at the start
Here's a screenshot of the theme settings, which I adapted from a DefCon theme I saw on reddit: imgur.com/a/gCnvq8A
Only thing I'd say is when using certain tools, e.g. LinPeas, the colours won't be very helpful (for identifying what is most vulnerable). Best to keep an OG profile that you can quickly swap to when running certain tools 😉
I got connection refused when I tried to telnet in my Kali Linux with windows openvpn connected I can ping the IP in the VM
Is this part of one of the 5 machines in the video? Been a while since I recorded if you can point to me to the timestamp I'll try to help!
@@_CryptoCat yes very easy, but I'm just taking answer and pasting them. I cannot ssh and telnet in the VM's
@@michaelinzo OK, so you connect your VM to the HTB VPN and you *can* ping the target machine, but can't telnet/SSH on *any* box? Has it been a long running issue? Did you say you're using Windows? Any AV/Firewall issues?
@@_CryptoCat Yeah I can ping and stuff etc. and yeah I have Bitdefender currently installed but I already add exemption to VM workstation IP. I got AV because there's a lot of attacks recently and I need to be really careful.
@@michaelinzo If you disable your Bitdefender for a min does it work? I've had endless problems with security software interfering with VMs I use for malware analysis, pen-testing etc. I had to switch from Bitdefender to Kaspersky a few years ago because they were unable to provide enough flexibility for me to do my academic research, i.e. even when fully disabled, their software blocked my lab machine functionality.
If might not be your AV/firewall but the best way to troubleshoot is via process of elimination.. Check more steps here: wpastra.com/guides-and-tutorials/ssh-connection-refused/
But one think some time I forget to play a day the point will automatically loss or not to loss
Ermm are you asking if the questions/answers reset if you don't finish the box within 24 hours? I don't think they do..
Its saying "You must stop your active machine before spawning another one." help!!
Did you stop the active machine? 😁 You should be able to see it along the navigation bar at the top. If that fails, logout/login or switch VPN server 😉
I’m doing Fawn on their pwnbox and everytime I get down to finding the flag in ftp it says command not found and then when I use Sudo it asks for a password that it never takes. Someone please help!!!!
I haven't really used the pwnbox but if you don't get it working you can DM me some screenshots on Twitter @_CryptoCat and i'll try to help 🙂
Just in case anyone needs the answer to this problem after you enter command 'get flag.txt' you need to open a new tab in the terminal and enter 'ls' then 'cat flag.txt' which will open the text if you followed the steps. Hope that helps.
When i use this openvpn /path/to/starting.....ovpn the openvpn code is some how not working in my linux mint??! And can not connect to vpn ??!
is openvpn installed? what does it say?
I wanna know that were you using a virtual machine?
Yep! I use Parrot (Linux) and CommandoVM (Windows), inside VMWare workstation 🙂
Do I have to install kali Linux to connect to HTB VPN?
nope! whatever operating system you are working from you can connect to the VPN. i would recommend using a virtual machine though 😉
@@_CryptoCat Thanks! I’m new to the cybersecurity space and I'm looking to get some practice and experience under by belt. I'm just having trouble getting this VPN to connect. I'm currently running out MAC
@@WealthyMindsFinance i not got much experience with MacOS but try openvpn.net/client-connect-vpn-for-mac-os/ if you're not using already
i don't have xfreerdp install on my parrot os. When i try to install i get an error " The following packages have unmet dependencies: freerdp2 -x11 : Depends: libfreerdp-client2-2 (= 2.3.0+dfsg1-2+deb11u11) but 2.7.0+dfsg1-1~bpo11+1 is to be installed" . Can someone please help me with this issue. Thanks.
Try running this in terminal:
sudo apt-get install libfreerdp2-2
how do i use a linux terminal if i have windows as my OS?
can i use a virtual machine from virtual box and run OVPN on it and just do all the challenges on it?
You can use something like Putty and Boxstarter on windows: boxstarter.org. I'd recommend using a linux system though, it's important to learn.
Can a non vip htb member follow this? Or only vip members can access and solve the problems??
Some of the machines are VIP only, but most are playable for free 😉
Isn't the active port for ftp 20?
It is indeed! 💯
what would i download from kali linux to do what ur doing? Im so new to all of this lol.
tbh you shouldn't need much.. kali comes with many tools built in and if anything is missing you can probably run "sudo apt-get install " to install 😉
after you ping the ip address how do you get it to stop?
CTRL + C, should do it 🙂