Skip to main content

Starting the box

Link to the box: https://app.hackthebox.com/machines/wingdata

Port Scan

We start off the box by running a port scan on the provided IP.
Attacker Linux
rustscan --ulimit 5000 -a 10.129.5.219 -r 1-65535 -- -A -vvv -oN Wingdata
Output of Rustscan:
Terminal Output
Open 10.129.5.219:22
Open 10.129.5.219:80
Output of Nmap:
Terminal Output
PORT   STATE SERVICE REASON         VERSION
22/tcp open  ssh     syn-ack ttl 63 OpenSSH 9.2p1 Debian 2+deb12u7 (protocol 2.0)
| ssh-hostkey:
|   256 a1:fa:95:8b:d7:56:03:85:e4:45:c9:c7:1e:ba:28:3b (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL+8LZAmzRfTy+4t8PJxEvRWhPho8aZj9ImxRfWn9TKepkxh8pAF3WDu55pd/gaSUGIo9cuOvv+3r6w7IuCpqI4=
|   256 9c:ba:21:1a:97:2f:3a:64:73:c1:4c:1d:ce:65:7a:2f (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFFmcxflCAAe4LPgkg7hOxJen41bu6zaE/y08UnA4oRp
80/tcp open  http    syn-ack ttl 63 Apache httpd 2.4.66
|_http-server-header: Apache/2.4.66 (Debian)
|_http-title: WingData Solutions
| http-methods:
|_  Supported Methods: GET POST OPTIONS HEAD
A few key notes:
  • Port 22 (SSH) is open, running OpenSSH 9.2p1 — nothing useful without credentials.
  • Port 80 (HTTP) is open, served by Apache httpd 2.4.66. The page title is “WingData Solutions” — a file sharing platform.
  • OS is Linux (Debian), inferred from the TTL of 63.

Edit the Hosts file

As always, we edit the /etc/hosts file to add the hostname:
Attacker Linux
sudo nano /etc/hosts
/etc/hosts:
/etc/hosts
10.129.5.219 wingdata.htb

Active Box

This box is currently still active on Hack the Box - Full writeup will be available when the box is retired. Feel free to reach out to me on LinkedIn or Discord for nudges & sanity checks.
Last modified on February 18, 2026