Hax4Lolz

Information Security Blog

Challenges

That’s what I’ve been working on. HTB Challenges that is. I started working on them and I’ve found that they are a lot of fun to do and they are a good way to practice specific skill areas. I’ve been working on the web challenges for now, and I’ve already learned multiple new tools and I have more confidence in my ability to find web vulnerabilities and exploit them.

Some of the challenges have been pretty straightforward. There was one in particular that I immediately tried an SQL injection on the login field and completed the challenge. There are others that required much more thought. I am quite proud of the python script that I had to create in order to pass one of the challenges. I want to figure out a way to post that script to this page in order to share it. Maybe I can post a writeup to this challenge and password protect it until it is retired.

I think what makes me the most proud of that script is that I don’t feel like I have that good of a programming background. I spent a couple years in a Computer Science degree program, but I never felt like a really got good at programming. This challenge, and the python script that I wrote for it, gave me the confidence to make sure that I use scripting when it comes down to my next OSCP test attempt.

On that note, I was given the go-ahead by work to purchase 30 days of lab time and a test retake. I guess this is about to get real. I am still going to take some time before I jump back into the labs. I am really enjoying and learning from HTB right now and I want to continue down that path for a bit longer.

Here’s to the challenges!

VulnHub Rooted: 3
HTB Rooted: 0
HTB Challenges: 5

-hax4lolz

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll Up