Hack The Box — Haircut: Walkthrough (without Metasploit)


As usual, start with nmap scanning.

$ nmap -sC -sV -Pn -oN nmap.txt -T4 
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-06 23:34 HKT
Nmap scan report for
Host is up (0.045s latency).
Not shown…




Cyber Security Enthusiast | OSCP | OSWE

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Algorithm Interview Questions 22

Solve an interesting problem by using DP, BFS and Dijkstra

All I Need Is A Kubernetes Namespace

Writeup two-Hitcon2017 & Find A function instead of rop-gadget

When talking about Agile software development, I like using the analogy of tightrope walking.

Watch This AI Read and Explain Computer Code

New developers and the knowledge gap

Minter’s Month in Review — June 2020

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
David Tse

David Tse

Cyber Security Enthusiast | OSCP | OSWE

More from Medium

HackTheBox Pandora Write-Up

Blue TryHackMe Write-Up

My First CTF (PicoCTF) — Obedient Cat!

NMAP commands for scanning remote hosts