Here at Hack The Box, we have some pretty cool jobs. One of the coolest jobs in our company is the lab designing role.
Think about it. Imagine if you were paid to make interactive environments for computer hacking. “Please make some software that’s designed for people to try to attack it, break it.” I think of it like making an Escape Room, but as a computer program. Our lab designers basically make computerized puzzles, which are also kind of like clay pigeons to aim your bullets at. Clay pigeon puzzles. Like a shooting range trapped in a labyrinth. It’s pretty darn mind blowing, if you ask me!
Our labs aren’t only fun to play with, they also serve a very important function. We’re teaching people how to break software cybersecurity so we can make more cyber secure software. Cyber attacks to some systems can have incredibly expensive or even deadly consequences. Credit card numbers breached to the Dark Web make individuals and banks lose (collectively) billions of dollars. A cyber attack to the embedded computer in a semi-autonomous vehicle speeding down the highway can cause dozens to die in a collision. A cyber attack to embedded medical devices (such as pacemakers) can also be lethal. There’s only one conclusion. By teaching people how to improve application security, we at Hack The Box are literally saving lives.
There are two types of labs that we offer hackers who are self-educating-- our Hacking Labs, which are appropriate for n00bs to experts, and our Pro Labs, which are for advanced level hackers only.
If you want a more approachable Pro Lab to start with, I recommend trying Dante. You can find it in the Pro Labs section of our app. Here’s its description:
“Dante is a modern and beginner-friendly Pro Lab that provides the opportunity to learn common penetration testing methodologies and gain familiarity with tools included in the Parrot OS Linux distribution.”
Now, onto APTLabs!
I had the honor to chat with one of our Pro Labs designers, @cube0x0. He makes our APTLabs Pro Lab. Here’s the description of the lab, from the overview:
“APTLabs is an advanced challenge for red teamers that provides the opportunity to test multiple network attacks and TTPs (Tools, Techniques, Procedures). If you are ready for a tough, highly stimulating, and exciting hacking operation, go APT or go home! This advanced lab consists of fully patched servers, prevalent enterprise technologies, a simulated WAN network, and much more!”
APTLabs is a Managed Service Provider (MSP) scenario. I think that’s very, very topical. REvil ransomware recently attacked more than 1,000 companies worldwide through an MSP! So APTLabs is an excellent example of how our Pro Labs teaches hackers skills which are relevant to today’s cyber threats.
Kim “Crowgirl” Crawley: Tell me about your work at HTB as a Pro Labs designer.
cube0x0: It started about one and a half or two years ago, when I was chatting with Ian (Ian Austin, our Head of Content Innovation) about me developing a simulated MSP environment in a lab.
I then got the offer to make my lab into a Pro Lab that would be hosted by HTB. I took the latest and greatest attacks, and did my research on how it worked, and how I can modify it to force users to do their own research and have a creative mind. I did this mostly on weekends while working as a security consultant for my former employer. After a few months, APTLabs was created.
Crowgirl: Wonderful. How did you learn how to design labs? How did you develop your skills before you joined HTB?
cube0x0: I have a degree in system administrations, all we did during that time was to create environments and labs. The only difference between that and creating a Pro Lab is that one of the labs is vulnerable.
Crowgirl: How do you begin to design a lab? Do you start with disc images and virtual machines? Do you write scripts or tweak pre-existing scripts?
cube0x0: There are three phases. The first is the fundamentals phase. I consider what should be taught, which context will be used, what we’re trying to teach, and to whom.Next is the research phase. It’s a learning phase, just read up on all the attacks that fit the fundamentals.Finally, there’s the design phase. I make decisions on how my research will be implemented. VMs dedicated to the Pro Lab will not be created before phase three.
Crowgirl: That’s so cool.
cube0x0: To make the development go faster, I use Powershell scripts. (Editor’s comment: Powershell is an application that’s used to remotely administrate Windows machines. Attacking it can be highly critical!)
Crowgirl: Very cool! Are some labs more difficult to design than others?
cube0x0: Nah, it all depends on your background, I would say. Things like user simulations are very easy to do after you have done it once already.
Crowgirl: Do you have anything else that's interesting to share with our readers?
cube0x0: Doing something the first time is always hard. With dedication, a “don't give up” mentality, and a willingness to learn there are no limitations on what someone can accomplish.
So what are you waiting for? Learning to be a pro hacker is a lot of fun and I really recommend it.
Interactive, hands-on, complex scenarios that give players the chance to penetrate enterprise infrastructure and hone their offensive engagement skills. Pick any of our Pro Labs, own it, and get your certificate of completion.
Starting from Dante which is ideal beginners to “the beast”, to APTLabs, here is a quick overview of our Pro Labs:
Penetration Tester Level I
14 Machines | 26 Flags
Pentesters must-have & beginner-friendly
Penetration Tester Level II
21 Machines | 38 Flags
Real-world enterprise Active Directory hacking
Red Team Operator Level I
15 Machines | 22 Flags
A virtual Red Team simulation
Red Team Operator Level II
21 Machines | 18 Flags
Advanced Red Teaming on a hardened enterprise environment
Red Team Operator Level III
18 Machines | 20 Flags
The ultimate Red Team challenge
We’re always launching exciting new vulnerable machines and networks to attack, for all skill levels!