Imagine a box called Boxy. If I find through enumeration that boxy.htb exists, then I'll go play with it and base a solution upon it. The challenge was built that way by the box creator.
Recently I have spotted some walkthroughs that guess (correctly) the existence of boxy.htb and the solution that follows entirely relies upon that guess.
In one particular case,Trick, the popular solution out there is entirely different to what I believe the creator intended. Perhaps I have it wrong, and trick.htb was enumerated.
So the question is: do HTB want us to guess that boxy.htb could be a thing or not?

(June 28, 2022, 09:00 PM)rdre8 Wrote: Imagine a box called Boxy. If I find through enumeration that boxy.htb exists, then I'll go play with it and base a solution upon it. The challenge was built that way by the box creator.
Recently I have spotted some walkthroughs that guess (correctly) the existence of boxy.htb and the solution that follows entirely relies upon that guess.
In one particular case,Trick, the popular solution out there is entirely different to what I believe the creator intended. Perhaps I have it wrong, and trick.htb was enumerated.
So the question is: do HTB want us to guess that boxy.htb could be a thing or not?

I think sometimes in writeups when people are 'guessing' they are just not showing the steps. In the same way when authors don't show you how to make a revshell or how to use Burp. I also know some authors just map the IP to that domain for the purpose of making their writeup easier to read (so new readers can distinguish local IP and machine)