HTB: corporate Writeup

Machine Information

Attribute	Details
Name	corporate
OS	Linux
Difficulty	Insane
Points	N/A
Release Date	N/A
IP Address	`10.129.x.x`
Author	D3vnomi

Machine Rating

⭐⭐⭐⭐⭐ (9.5/10)

Difficulty Assessment:

Enumeration: ⭐⭐⭐⭐⭐
Real-world: ⭐⭐⭐⭐⭐
CVE: ⭐⭐⭐☆☆
CTF-like: ⭐⭐⭐⭐⭐

Summary

corporate is an Insane-difficulty Linux machine from HackTheBox. The exploitation path follows a standard progression from enumeration through privilege escalation.

TL;DR: Enumeration → Foothold → User credentials → Privilege escalation → Root.

Note: This writeup is based on minimal source notes. For detailed exploitation information, refer to the external resources listed in the Initial Foothold section.

Reconnaissance

Port Scanning

nmap -sC -sV -T4 -p- 10.129.x.x

Results:

[Notes incomplete - enumeration and port scanning details not documented in source notes]

Service Enumeration

Hostname: corporate.htb

[Notes incomplete - service enumeration not documented in source notes]

Initial Foothold

Exploitation Path

[Notes incomplete - exploitation path not documented in source notes]

Reference Materials:

External writeup: https://darkwing.moe/2023/12/19/Corporate-HackTheBox/
Additional discussion: breachforums thread (referenced in source notes)

User Compromise

Credential Discovery

[Notes incomplete - credential discovery method not documented in source notes]

Note: A yescrypt hash was noted: $y$j9T$E2kQZ9TL6csvgTjXCvlau/$r4Y9/c5O8UQcdCVNKdPXn69PhHC35T59bpfjiUKEkoD

User Flag

cat ~/user.txt

🚩 User Flag: [Notes incomplete - flag not documented in source notes]

Privilege Escalation

Enumeration

sudo -l
find / -perm -4000 -type f 2>/dev/null
ps aux | grep -E "python|java|node|php|ruby"

[Notes incomplete - privilege escalation enumeration results not documented in source notes]

Exploitation (Root/Administrator)

[Notes incomplete - privilege escalation technique not documented in source notes]

Root Flag

cat /root/root.txt

🚩 Root Flag: [Notes incomplete - flag not documented in source notes]

Attack Chain Summary

graph TD
    A --> B
    B --> C
    C --> D
    D --> E
    E --> F

Tools Used

Tool	Purpose
`nmap`	Port scanning and service fingerprinting

Key Learnings

Thorough enumeration is critical — every open port and service can be a potential entry point.
Configuration files and databases often contain credentials that enable lateral movement.
Privilege escalation frequently depends on misconfigurations rather than software vulnerabilities.

Author

D3vnomi

Disclaimer

This writeup is for educational purposes only. All activities described were performed in a controlled, legal environment (HackTheBox platform). Unauthorized access to computer systems is illegal.

Last Updated: 08 Mar 2026

Tags: #HackTheBox #Linux #Insane