0xBEN
/
Sign up to 0xBEN!
Already have an account? Sign in

HackTheBox | Cobblestone

In this walkthrough, I demonstrate how I obtained complete ownership of Cobblestone on HackTheBox
0xBEN
19 min read
HackTheBox | Cobblestone
https://www.hackthebox.com/machines/Cobblestone
Owned Cobblestone from Hack The Box!
I have just owned machine Cobblestone from Hack The Box
Hack The Box

Nmap Results

# Nmap 7.95 scan initiated Mon Aug 11 12:02:45 2025 as: /usr/lib/nmap/nmap -Pn -p- --min-rate 2000 -sC -sV -oN nmap-scan.txt 10.129.218.98
Nmap scan report for 10.129.218.98
Host is up (0.017s latency).
Not shown: 65533 closed tcp ports (reset)
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 9.2p1 Debian 2+deb12u7 (protocol 2.0)
| ssh-hostkey: 
|   256 50:ef:5f:db:82:03:36:51:27:6c:6b:a6:fc:3f:5a:9f (ECDSA)
|_  256 e2:1d:f3:e9:6a:ce:fb:e0:13:9b:07:91:28:38:ec:5d (ED25519)
80/tcp open  http    Apache httpd 2.4.62
|_http-server-header: Apache/2.4.62 (Debian)
|_http-title: Did not follow redirect to http://cobblestone.htb/
Service Info: Host: 127.0.0.1; OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Mon Aug 11 12:03:29 2025 -- 1 IP address (1 host up) scanned in 44.76 seconds
My CTF Methodology
In this post, I examine the steps I take to approach a typical CTF in the form of a vulnerable target (also known as boot2root), and elaborate on steps at each phase.
0xBEN0xBEN

Read the full story

Sign up now to read the full story and get access to all posts for Pending Publication HackTheBox tier only.

Subscribe
Already have an account? Sign in
0xBEN
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to 0xBEN.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.