HackTheBox Pterodactyl Writeup
A walkthrough of the HackTheBox 'Pterodactyl' machine. This write-up covers initial access, privilege escalation, and post-exploitation techniques.
HackTheBox Pterodactyl Writeup
Nmap
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
┌──(dollarboysushil卐kali)-[~/Documents/htb_boxes/pterodactly]
└─$ nmap -sC -sV 10.129.222.48
Starting Nmap 7.98 ( https://nmap.org ) at 2026-02-09 02:54 -0500
Nmap scan report for 10.129.222.48
Host is up (0.28s latency).
Not shown: 957 filtered tcp ports (no-response), 39 filtered tcp ports (admin-prohibited)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 9.6 (protocol 2.0)
| ssh-hostkey:
| 256 a3:74:1e:a3:ad:02:14:01:00:e6:ab:b4:18:84:16:e0 (ECDSA)
|_ 256 65:c8:33:17:7a:d6:52:3d:63:c3:e4:a9:60:64:2d:cc (ED25519)
80/tcp open http nginx 1.21.5
|_http-server-header: nginx/1.21.5
|_http-title: Did not follow redirect to http://pterodactyl.htb/
443/tcp closed https
8080/tcp closed http-proxy
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 50.22 seconds
Secured
Active HackTheBox Challenge
This challenge is currently active on HackTheBox. According to HTB's content policy, sharing writeups of active challenges is prohibited.
This writeup will be made publicly available once the challenge is retired.
This post is licensed under
CC BY 4.0
by the author.