- Published on
Hack the Box Progress
- Authors
- Name
- Emma
Challenges
WEB Challenges Completed:
Templated
Phonebook
MISC Challenges Completed:
Canvas
FORENSIC Challenges Completed:
Illumination
Emo
Chase
OSINT Challenges Completed:
Easy Phish
Missing in Action
Starting Point Boxes
Tier 0 Completed Boxes
Meow #(telnet, network, protocols, reconnaissance, weak credentials, misconfiguration)
Fawn #(ftp, network, protocols, reconnaissance, anonymous/guest account)
Dancing #(network, protocols, SMB, reconnaissance, anonymous/guest account)
Redeemer #(redis, vulnerability assessment, databases, reconnaissance, anonymous/guest access)
Explosion #(network, programming, RDP, reconnaissance, weak credentials)
Preignition #(web, custom applications, apache, website structure discovery, default credentials)
Mongod #(mongodb, web, databases, misconfiguration, anonymous/guest access)
Synced #(rsync, network, anonymous/guest access)
Tier 1 Completed Boxes
Appointment #(web, databases, injection, apache, mariaDB, PHP, SQL, SQL injection)
Sequel #(vulnerability assessment, databases, mySQL, SQL, reconnaissance, weak credentials)
Crocodile #(web, network, custom applications, protocols, apache, FTP, clear text credentials, anonymous/guest access)
Responder #(winRM, web, custom applications, XAMPP, SMB, responder, PHP, passsword cracking, RFI, RCE)
Three #(cloud, AWS, website structure discovery, bucket enumeration, arbitrary file upload)
Ignition #(common applications, magento, website structure discovery, weak credentials)
Bike #(javascript, web, injection, nodeJS, RCE, server side template injection)
Funnel #(FTP, postgreSQL, tunneling, password spraying, port forwarding, clear text credentials)
Pennyworth #(jenkins, java, RCE, default credentials)
Tactics #(network, SMB, misconfiguration)