Beginner’s Guide to Conquering MakeSense on Hack the Box

The CyberSec Guru


Key Highlights

  • You begin with an nmap scan to confirm open ports and map the web server surface.
  • The target redirects HTTP to HTTPS, so the login page on port 443 becomes the main focus.
  • Directory discovery reveals hidden directories and exposed files that leak useful credentials.
  • A pfSense version check points to known vulnerabilities tied to command injection.
  • A Python exploit sends a reverse shell to your attacker box through netcat.
  • Access quickly leads to the user flag and root flag, with little extra privilege escalation needed.

Introduction

If you want a practical Hack The Box walkthrough that builds real penetration testing skills, this guide is a solid place to start. The MakeSense challenge, based on the provided material, teaches you how small mistakes turn into major vulnerabilities. You will move from reconnaissance to web login analysis, credential use, and final code execution. Along the way, you sharpen the habits that matter most in labs and exam-style practice without getting lost in noise or unnecessary steps.


Understanding the MakeSense Machine on Hack The Box

At a basic level, this machine centers on a web-facing server with a pfSense interface. Your first clue comes from nmap, which shows only a small attack surface, making every finding more important.

Once you reach the login area, the path becomes clearer. The challenge rewards careful observation, smart password testing, and good note-taking rather than random guessing. That is why understanding the setup before touching the exploit matters so much.


What is MakeSense and Why Try This Challenge?

This challenge is a web-focused Hack The Box machine built around a vulnerable app exposed through a pfSense interface. From the start, you interact with a login page, inspect what the site reveals, and use that information to move forward. It is a clean example of how web enumeration supports deeper system access in cybersecurity work.

For beginners, that makes it useful. You are not buried under dozens of services. Instead, you learn to slow down, inspect the browser output, and pay attention to small clues like redirects, public files, and version details. Those habits often matter more than fancy tooling.

A good beginner tip is simple: trust your recon. If default login ideas fail, keep enumerating. Check visible files, read changelogs, and test what exposed information suggests. This box rewards patience and methodical thinking more than speed.

Difficulty Level and Skills You’ll Develop

Based on the supplied walkthrough material, the challenge feels approachable for learners who already know the basics. You scan a server, inspect a router-style pfSense web interface, discover exposed files, and use known vulnerabilities rather than building a custom exploit from scratch.

That flow helps you build practical penetration testing skills. You practice service enumeration, web content discovery, credential reasoning, exploit selection, and shell handling. You also learn an important lesson about escalation: sometimes full compromise comes fast once the right vulnerability is confirmed.

Yes, this kind of machine can support OSCP-style preparation because it teaches process. You identify attack paths, reduce guesswork, and chain findings together. Even though the final escalation is straightforward, the discipline behind the path is what makes it valuable for exam practice.


What You Need Before Starting MakeSense HTB

Before you begin, make sure your tools are ready and your workflow is simple. A Linux setup helps, and the provided material specifically references Kali for common testing utilities.

You also need a browser for checking the pfSense interface directly and a stable way to reach the server. Since this path relies on enumeration, version review, and exploit use, having the right tools open from the start will save you time in later stages.

Required Tools and Software for Linux Machines

You do not need a huge toolkit for this machine. The core path in the supplied walkthrough uses a few standard Linux utilities from the terminal, plus a browser. Most of the work comes from observation and correct sequencing, not from running dozens of scanners.

The key tools include:

  • nmap for discovering open ports, service banners, and the redirect from HTTP to HTTPS
  • gobuster or dirbuster for finding directories and text files exposed on the web server
  • netcat through nc for catching the reverse shell from the target
  • python for running the public exploit script tied to the pfSense command injection issue

You may also know john and hash handling from other boxes, but they are not central here based on the compiled steps. The real requirement is comfort with the terminal, basic web enumeration, and reading exploit usage carefully before launching it.

If you are new, focus on a few basics before starting. You should understand what web vulnerabilities look like, how enumeration shapes your decisions, and why blind brute force is usually weaker than evidence-based testing. That foundation makes the whole machine easier to read.

Helpful knowledge areas include:

  • how to interpret scan output and connect services to likely attack paths
  • how exposed files can reveal credentials, software versions, or operational mistakes
  • how escalation can sometimes be built into the initial exploit path
  • how to avoid wasting time on brute force when better clues already exist

One beginner tip stands out: do not ignore small disclosures. In this machine, public files do the heavy lifting. If you build that habit early, your penetration testing skills improve quickly and you avoid chasing low-value guesses.

Key Reconnaissance Strategies for MakeSense Hack The Box

Good reconnaissance drives this box. A careful nmap scan shows limited open ports, which narrows your focus and keeps you from wasting time on services that are not there.

From that point, you shift to web enumeration and look for directories, text files, and version clues. That sequence matters because the later command injection path only becomes obvious after the earlier recon exposes the right username, software release, and likely weakness.

Initial Network Scanning and Service Enumeration

Start with a full nmap scan so you can see the complete network picture. The provided material shows two open ports: 80 for HTTP and 443 for HTTPS. Port 80 redirects to 443, which tells you the web app behind TLS is the real target.

From there, verify what the scan reveals:

  • confirm the nmap scan results and note the lighttpd web server banner
  • open the site in a browser and inspect the redirected URL behavior
  • enumerate directories with gobuster or dirbuster against the HTTPS service
  • read any discovered text files instead of treating them like low-value noise

This technique works because the machine is small and clue-driven. You do not need to reverse a binary or spread your effort too wide. The best enumeration comes from combining scan results with careful browsing and targeted directory discovery.

Identifying Potential Entry Points

Once you reach the login page, test obvious ideas but do not stay there too long. The provided walkthrough shows that default credentials like admin and pfsense did not work. That is useful, but it is also where many people create rabbit holes for themselves.

A better move is to map likely entry points and judge each one by evidence:

| Entry Point | What It Shows | Why It Matters |
| --- | --- | --- |
| Login page | pfSense interface on HTTPS | Confirms the app type and narrows attack focus |
| Default credentials | Common guesses fail | Prevents wasted time on blind retry loops |
| Hidden directories | Public files like changelog.txt and system-users.txt | May reveal usernames, version data, or weak operational choices |
| Version information | pfSense 2.1.3-RELEASE | Links the target to known vulnerabilities, including command injection |

The machine typically revolves around information disclosure plus a known pfSense weakness. So the real entry path is not magical. It is built by following clues from exposed content to valid access and then to exploit selection.

Step-by-Step Guide to Solving MakeSense on Hack The Box

If you want a step-by-step route, keep the workflow linear. Enumerate first, validate what the web interface is, and only then move into exploitation. That order cuts down mistakes.

The full path is simple once you see it clearly: discover the service, find leaked credentials, log in, identify the vulnerable version, trigger a reverse shell, and collect both the user flag and root flag. The next sections walk through that escalation path in order.

Step 1: Performing Effective Enumeration

Begin with nmap against the target and record the open ports. In the compiled information, the host exposes 80 and 443, with port 80 redirecting to HTTPS. That tells you your browser work should focus on the secure URL rather than the plain web page.

Next, open the site and inspect what appears. The page presents a pfSense login interface. Try the obvious defaults once, but avoid looping on them. The better next move is content discovery, not repeated guessing.

Run gobuster or dirbuster against the HTTPS service and review every useful result. The standout files are changelog.txt and system-users.txt. These are not minor findings. They give you the clues needed to identify the software version and infer working access, which sets up the exploit path cleanly.
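Seen from the defending side, the content discovery in this step leaves a clear trail in the web server's access log. The following is an added example, not part of the original walkthrough: it scans access-log lines for a burst of 404 responses to one client and for successful reads of the two files named above. The log layout (lighttpd's combined-style format), the sample lines, the host name, the IP addresses and the 20-per-60-seconds threshold are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Assumed layout: host, vhost, user, [time], "request", status, ...
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')
SENSITIVE = {"/changelog.txt", "/system-users.txt"}  # files named in this guide
WINDOW = timedelta(seconds=60)   # assumed sliding window
MAX_404 = 20                     # assumed threshold, tune per site

def parse(line):
    """Return (ip, time, path, status) or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"].split("?", 1)[0].lower(), int(m["status"])

def analyse(lines):
    """Flag 404 bursts (content discovery) and reads of sensitive files."""
    misses, flagged, alerts = defaultdict(list), set(), []
    for rec in filter(None, map(parse, lines)):
        ip, ts, path, status = rec
        if status == 404:
            # Keep only this client's misses that fall inside the window.
            recent = [t for t in misses[ip] if ts - t <= WINDOW] + [ts]
            misses[ip] = recent
            if len(recent) >= MAX_404 and ip not in flagged:
                flagged.add(ip)
                secs = int(WINDOW.total_seconds())
                alerts.append(("enum_burst", ip, f"{len(recent)} 404s within {secs}s"))
        elif status == 200 and path in SENSITIVE:
            alerts.append(("sensitive_file_read", ip, path))
    return alerts

def sample_log():
    """Constructed log lines using documentation IP ranges."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    def line(ip, sec, path, status):
        ts = (base + timedelta(seconds=sec)).strftime("%d/%b/%Y:%H:%M:%S %z")
        return f'{ip} fw.example - [{ts}] "GET {path} HTTP/1.1" {status} 345 "-" "-"'
    lines = [line("198.51.100.20", 0, "/index.php", 200),
             line("198.51.100.20", 1, "/favicon.ico", 404)]
    lines += [line("203.0.113.7", 2 + i, f"/guess{i}", 404) for i in range(25)]
    lines += [line("203.0.113.7", 30, "/changelog.txt", 200),
              line("203.0.113.7", 31, "/system-users.txt", 200)]
    return lines

if __name__ == "__main__":
    for alert in analyse(sample_log()):
        print(alert)
```

A read of either file that follows a 404 burst from the same address is the combination worth alerting on; the lasting fix is to remove such files from the web root.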

Step 2: Exploiting Discovered Vulnerabilities

After login, inspect the dashboard and confirm the installed pfSense release. The walkthrough material identifies version 2.1.3-RELEASE. Once you have that, search for known vulnerabilities. In this case, the important issue is a command injection flaw tied to pfSense below 2.1.3 in the vulnerable script mentioned by the exploit.

That gives you a practical route. Use searchsploit to locate the public Python exploit and copy it locally. Before running it, set up your listener so you are ready for the incoming shell.

The exploit works by sending a reverse shell back to your attacker machine through netcat. This machine typically hinges on exposed information, valid web access, and then command injection. The weak point is not abstract. It is an outdated service combined with a known exploit path.

Step 3: Gaining User Access and Capturing the User Flag

The key credentials come from system-users.txt. The provided writeups point to rohit and the default password pfsense. Once those are entered on the login page, you gain access to the pfSense dashboard and can verify the version safely.

This is a good lesson in restraint. You do not need brute force here because the box already gives you enough to reason out the password. The phrase in the file hints at company defaults, and matching that to pfSense defaults gives you the answer.

After exploitation, use the shell you receive to navigate the file system and grab the user flag from Rohit’s area. Even if the shell is not a full PTY, it is still enough for simple navigation and file reading. Keep commands basic and focused.

Step 4: Privilege Escalation Techniques for Root Access

On many boxes, privilege escalation is a separate puzzle. Here, the supplied material shows that the exploit lands you in a very strong position immediately. In one walkthrough, the reverse shell returns as root, which means the escalation path is effectively built into the original compromise.

That changes your approach. Instead of hunting for sudo rules or odd services, verify your permissions first. If you already have elevated access, go straight to the root directory and capture the root flag. Fast confirmation prevents wasted effort.

The mention of maximum storage duration or maximum storage does not play a real role in the provided exploitation chain. So keep your attention on what the evidence supports: authenticated access, version confirmation, exploit execution, and direct root-level results rather than invented escalation branches.

Conclusion

In conclusion, conquering the MakeSense challenge on Hack The Box is not just about technical skills; it’s also about cultivating a mindset of persistence and curiosity. By understanding the machine’s intricacies and employing effective reconnaissance strategies, you’ll not only enhance your hacking abilities but also build a solid foundation for future challenges. Remember, every attempt teaches you something new, so don’t be discouraged by setbacks. As you embark on this journey, be sure to subscribe for more insights and guidance to further sharpen your skills and tackle even more complex challenges. Happy hacking!

Frequently Asked Questions

Can using write-ups help if I get stuck on MakeSense Hack The Box?

Yes, a write-up can help if you are stuck, especially after you have tried your own recon first. On Hack The Box, use a browser and Google carefully to understand vulnerabilities, tooling, and methodology. The goal is to learn the path, not just copy commands without understanding them.

What are some common mistakes to avoid on MakeSense?

A common mistake is getting trapped in rabbit holes around the login page and ignoring what the server exposes publicly. Another is overdoing credential guessing when clues already point to the answer. Also, do not assume escalation is always separate. Check your shell privileges before chasing extra steps.

How does MakeSense prepare you for the OSCP exam?

It helps by reinforcing process. You start with an nmap scan, move into web enumeration, connect version data to known vulnerabilities, and confirm escalation results correctly. Even without a binary challenge, the machine strengthens core penetration testing skills that map well to exam-style decision making.

Where can I find more MakeSense Hack The Box writeups?

You can find more write-up material through Google, community blog posts, and Hack The Box discussions for retired machines. Open them in your browser only after attempting the box yourself. Focus on how others handled directories, version discovery, and exploit selection rather than copying the final commands blindly.
