HackTheBox Cobblestone Writeup
A walkthrough of the HackTheBox 'Cobblestone' machine which is Insane rated linux box. This write-up covers initial access, privilege escalation, and post-exploitation techniques.
RECONNAISSANCE
NMAP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
└─$ nmap -sC -sV 10.129.222.68
Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-11 09:10 EDT
Nmap scan report for 10.129.222.68
Host is up (0.27s latency).
Not shown: 998 closed tcp ports (reset)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 9.2p1 Debian 2+deb12u7 (protocol 2.0)
| ssh-hostkey:
| 256 50:ef:5f:db:82:03:36:51:27:6c:6b:a6:fc:3f:5a:9f (ECDSA)
|_ 256 e2:1d:f3:e9:6a:ce:fb:e0:13:9b:07:91:28:38:ec:5d (ED25519)
80/tcp open http Apache httpd 2.4.62
|_http-server-header: Apache/2.4.62 (Debian)
|_http-title: Did not follow redirect to http://cobblestone.htb/
Service Info: Host: 127.0.0.1; OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 18.25 seconds
Active Challenge
This challenge is currently active on HackTheBox.
In accordance with HackTheBox's content policy, this writeup will be made publicly available only after the challenge is retired. This approach maintains the integrity of active challenges while ensuring educational resources are available for learning purposes.
Secured
Content Access Required
Enter the password to unlock the full writeup content
This post is licensed under
CC BY 4.0
by the author.