Writeups for HacktheBox machines (boot2root) and challenges written in Spanish or English.
Machines writeups until 2020 March are protected with the corresponding root flag. But since this date, HTB flags are dynamic and different for every user, so is not possible for us to maintain this kind of system. So from now we will accept only password protected challenges, endgames, fortresses and retired machines (that machine write-ups don't need password). For endgames or fortresses, the password should be all the flags concatenated.
Since June 2023, to verify flag challenges first contact us (oscar.alfonso.diaz@gmail.com).
It is totally forbidden to unprotect (remove the password) and distribute the pdf files of active machines, if we detect any misuse will be reported immediately to the HTB admins.
Anyway, all the authors of the writeups of active machines in this repository are not responsible for the misuse that can be given to the corresponding documents. Please think that this is done to share techniques not for spoilers.
If you want to incorporate your own writeup, notes, scripts or other material to solve the boot2root machines and challenges you can do it through a 'pull request' or by sending us an email to: hackplayers_at_Ymail.com.
In this way, you will be added to our top contributors list (see below) and you will also receive an invitation link to an exclusive Telegram group where several hints (not spoilers) are discussed for the HacktheBox machines.
Please consider protecting the text of your writeup (e.g. not allowing to be copied) so that it can not be easily shared on platforms such as Pastebin. Of course, if someone leaks a writeup of an active machine it is not the responsibility of the author. If we detect someone who does it, they will immediately report to the HTB Staff so they can take the appropriate measures.
Note: the minimum requirement to enter the "special" Telegram group is also to have a hacker level or higher (no script kiddies).
Ctry | nick | avatar | team | machines | challenges |
---|---|---|---|---|---|
absolutezero | Sentry | Fighter | |||
xephrox | solitaire wolf | Mischief | |||
worldunruled | hackmethod | Active | |||
rtheory | FlavorTown | Reddish | |||
thereverend | solitaire wolf | Active | |||
Zaiuss | L1k0rD3B3ll0t4 | Celestial | |||
attl4s | juankeres | Falafel | |||
kauffman | solitaire wolf | Poison | |||
revil | solitaire wolf | Sunday | |||
k4nj1d | solitaire wolf | nibbles | |||
giovii | criuz | Mischief | |||
3zculprit | solitaire wolf | Olympus | |||
FuxSocy | PhobosGroup | Dev0ops | |||
abselithat | Pratum | Chatterbox | |||
Killerloops | prosegur | Tear or dear | |||
Renero | criuz | Digital Cube | |||
Gibdeon | PKTeam | Old Bridge | |||
therearwindow | solitaire wolf | Beatles | |||
malwrecon | solitaire wolf | Ypuffy | |||
labyrinth | badwolf | Ebola Virus | |||
zdravich | TMHC | Carrier | Mission Impossible | ||
Wh04m1 | YoRHa | Ropme | |||
coldBug | NeatMalwAreParty | Curling | |||
dionero | solitaire wolf | Jerry | |||
TheShahzada | solitaire wolf | Mischief | |||
SadClown | solitaire wolf | Redcross | |||
julianjm | solitaire wolf | Old Bridge | |||
snowman418 | solitaire wolf | Reel | |||
jondow | Bailando | Help | |||
lolfireball | solitaire wolf | Lightweight | |||
solsanctum | solitaire wolf | Carrier | |||
fbbc | solitaire wolf | Conceal | |||
4lexag | EphorSec | Cryptohorrific_es, Cryptohorrific_en | |||
superhedgy | Solitaire wolf | Netmon | |||
blazz3 | PwnD34L3rS | Sizzle | |||
Marduk | PwnD34L3rS | Helpline | |||
lduros | solitaire wolf | SwagShop | |||
explmuzz | N00b543V3R | Bastion | |||
AlhA | solitaire wolf | Emdee Five for Live | |||
liamm | PORTKNOCKWHOSTHERE | Jarvis | |||
cavla | Solitaire wolf | Crooked Crockford | |||
entropy | Solitaire wolf | Crooked Crockford | |||
MrP4p3r | Solitaire wolf | Fuzzy | |||
emmanuel | Solitaire wolf | Craft | |||
Cript0crc | Solitaire wolf | Eemedefive for live | |||
bWlrZQo | USCh4ck3r5 | Craft | |||
naveen1729 | Solitaire wolf | Player | |||
AmbrotD | Solitaire wolf | USB Ripper | |||
danielcues | Ripp3rs | Mission Impossible | |||
arcc | Solitaire wolf | json bitlab | |||
CRYPT0HEX | Solitaire wolf | Writeup | |||
couchpotato | Solitaire wolf | Heist | |||
sneakypanda | Mystiko | Zetta | |||
nitrow | Solitaire wolf | Image Processing 101 | |||
Cyb3rb0b | Solitaire wolf | Json | |||
N7E | iamroot | Mango | |||
Parteek Singh | D3v1L5 | Sniper | |||
c1cada | CommandlineKings | Obscurity | |||
Mrigendra Soni | Solitaire Wolf | Postman | |||
mikeywayne | Solitaire Wolf | traverxec | |||
Milo | p0t4t03s | ezpz | |||
N1Z4M | 7eam4dholokam | OpenAdmin | |||
corshine | Solitaire Wolf | OpenAdmin | |||
SevenLayerJedi | Solitaire Wolf | Nest | |||
IamKsNoob | Solitaire Wolf | Postman | |||
Bayrem | Cartographer | ||||
Bayrem | Solitaire Wolf | Cartographer | |||
3gbCyber | KAU | OpenAdmin | |||
FlapJack | NashvilleCTF | OpenAdmin | |||
wazKoo | ScripTease | Traceback | |||
Shkk | Solitaire wolf | Monteverde | |||
elklepo | notSoBad | Fatty | |||
Chr0x6eOs | SickaLoot | QuickR | |||
dayld | Solitaire wolf | breaking grad | |||
7riple7hrea7 | p0tat0z | Interdimensional Internet | |||
caracal | HideAndSec | Mr. Burns | |||
aminegr | Solitaire Wolf | Emdee five for life | |||
run3 | hack2tan | Mission Pinpossible | |||
Isopach | Solitaire Wolf | Baby RE | |||
YoavD | Solitaire Wolf | HackyBird | |||
adhkr | Solitaire Wolf | Stocker | |||
R1D3R | KernelChaos | Derailed |
Hack the Box is a superb platform to learn pentesting, there are many challenges and machines of different levels and with each one you manage to pass you learn a new thing. But talking among ourselves we realized that many times there are several ways to get rooting a machine, get a flag ... That's why we created this repository, as a site to share different unofficial writeups to see different techniques and acquire even more knowledge. That is our goal and our passion, to share to learn together.
Some people have been distrustful because in this repository there are writeups of active machines, even knowing that absolutely each one of them is protected with the corresponding password (root flag or challenge). But We did not want to give up this because we think the most interesting thing for a HTB player is to check other users' walkthroughs right after they get it, that is, not wait for weeks or months afterwards. For this reason, we have asked the HTB admins and they have given us a pleasant surprise: in the future, they are going to add the ability for users to submit writeups directly to HTB which can automatically be unlocked after owning a machine. And also, they merge in all of the writeups from this github page. Simply great!
Therefore it is a real pride that they have decided to include the functionality of this repo directly on their platform. When this is done, this Github will be migrated and will be inactive but with a pleasantly fulfilled mission. Until then, Keep pushing!
Hackplayers community, HTB Hispano & Born2root groups.