Skip to main content

Starting the box

Link to the box: https://app.hackthebox.com/machines/Facts

Port Scan

We start off the box by running a port scan on the provided IP.
Attacker Linux
rustscan --ulimit 5000 -a 10.129.8.97 -r 1-65535 -- -A -vvv -oN Facts
Output of Rustscan:
Terminal Output
Open 10.129.8.97:22
Open 10.129.8.97:80
Open 10.129.8.97:54321
Output of Nmap:
Terminal Output
PORT      STATE SERVICE REASON         VERSION
22/tcp    open  ssh     syn-ack ttl 63 OpenSSH 9.9p1 Ubuntu 3ubuntu3.2 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   256 4d:d7:b2:8c:d4:df:57:9c:a4:2f:df:c6:e3:01:29:89 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNYjzL0v+zbXt5Zvuhd63ZMVGK/8TRBsYpIitcmtFPexgvOxbFiv6VCm9ZzRBGKf0uoNaj69WYzveCNEWxdQUww=
|   256 a3:ad:6b:2f:4a:bf:6f:48:ac:81:b9:45:3f:de:fb:87 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPCNb2NXAGnDBofpLTCGLMyF/N6Xe5LIri/onyTBifIK
80/tcp    open  http    syn-ack ttl 63 nginx 1.26.3 (Ubuntu)
|_http-title: Did not follow redirect to http://facts.htb/
| http-methods:
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: nginx/1.26.3 (Ubuntu)
54321/tcp open  http    syn-ack ttl 62 Golang net/http server
|_http-title: Did not follow redirect to http://10.129.8.97:9001
|_http-server-header: MinIO
A few key notes:
  • Port 22 (SSH) is open.
  • Port 80 (HTTP) redirects to http://facts.htb/. Running Nginx 1.26.3.
  • Port 54321 (HTTP) identifies as MinIO - an S3-compatible object storage server. It redirects to http://10.129.8.97:9001, which is not directly accessible, but we’ll keep this in mind.

Edit the Hosts file

As always, we edit the /etc/hosts file to add the hostname:
Attacker Linux
sudo nano /etc/hosts
/etc/hosts
Nano Interface
10.129.8.97 facts.htb

Active Box

This box is currently still active on Hack the Box - Full writeup will be available when the box is retired. Feel free to reach out to me on LinkedIn or Discord for nudges & sanity checks.
Last modified on February 18, 2026