Learning to fly
HTB is an interesting experience. My typical behaviour is to speed ahead, even if I don't know something — I'll generally figure it out later down the line. Structured learning has always been painful.
But this time, I wanted to try something different, as my general knowledge and understanding in this field is merely a smidgen.
I wanted to avoid the temptation of falling into the fantasy of being a "pro-hacker." When you put the ego aside, you soon begin to understand that looking for vulnerabilities is about patience, and exercising your own. I read somewhere that for an hour of hacking, you spend ten minutes breaking into the system and fifty minutes in enumeration.
I'm glad that I made a very slow and deliberate effort working through Tier 0, and also spent time reading through and understanding the walkthroughs. Instead of skipping the tutorial, and despite my typical learning instinct, I worked through this tier slowly and very deliberately.
This tier is foundational.
Considerations
- Connection — Tier 0 demonstrates how data moves. Gaining access to instances of Telnet, SMB, or FTP isn't something amazing — it's most likely human error with some misconfiguration or something that was never addressed at deployment. Like making a first impression, giving the correct handshake is more important than running the script.
- Knowing your tool — Anyone can copy-paste an Nmap command. Tier 0 teaches you to read the instance of what you are doing. You need to interpret service versions and port states early on to prevent rabbit holes later in more complex tiers.
- Write things down — I started Adam's Bytes as an opportunity to capture my learnings for potential employment, but I've gained more than I expected. I've become quite good at stabilising my thoughts and structuring them into readable form. It's also a useful reference for things I've since forgotten.
Lessons Learned
- Doughnut sitting — If you spend 10 minutes hacking, you should have spent 40 minutes researching first.
- 1 Rep Max — The "Exploit" phase is the shortest part of the process. The recon is where the work happens. The entire process of doughnut sitting should prepare you well enough to max out the exploit cleanly.
What's Next?
Right now, I am watching videos on penetration testing, learning some software, and finishing my Google Cybersecurity course on Coursera. I've also installed a Linux dual boot to get familiar with Bash again, and I'm exploring home lab ideas in earnest.
Besides the structured studying, everything else is going on whimsy.