Before getting started you need a a Hacknet Account and Password. like this:

After logging in and booting the "HacknetOS" you should see something like this:



If you are new to Hacknet i suggest that you play the Turtorial first.



The Turtorial will teach you how to Hack into a target machine. the more you progress in the storyline, the more exploits and experience you will get.

The SSHCrack is an Exploit used for opening the Port#22 .
the SSHCrack can be found on nearly every server or node.

how to use:

sshcrack "portnumber"

example:

742.806.97.2> sshcrack 22


The FTPBounce is an exploit used for opening the Port#21 .
The FTPBounce is a slow working exploit that can be found on nearly every server or node.

how to use:

FTPBounce "portnumber"

example:

742.806.97.2> ftpbounce 21

The FTPSprint Exploit is an exploit used for opening the FTP port.
The FTPSprint is a fast working exploit that can be used on nearly every server.

how to use:

FTPSprint "Portnumber"

example:

742.806.97.2> FTPSprint 21


The SMTPOverflow is an exploit used for opening Port#25 .
This exploit takes a short amount of time to open the port.

how to use:

SMTPOverflow "portnumber"

example:

742.806.97.2> SMTPOverflow 25
The WebServerWorm is an exploit used for opening the Port#80 .

The WebServerWorm is an slower exploit, but it takes only a small amount of your Random Access Memory.

how to use:

WebServerWorm "portnumber"

example:

742.806.97.2> WebServerWorm 80

The SQL_MemCorrupt and The SQLBufferoverflow are exploits used for opening Port#1433

he SQL_MemCorrupt and The SQLBufferoverflow have the same operation speed so there is no difference between those exploits.

Both exploits have a short operation time.

how to use:

SQL_MemCorrupt "portnumber"

or

SQLBufferoverflow "portnumber"

example:

742.806.97.2> SQL_MemCorrupter 1433

or

742.806.97.2> SQLBufferoverflow 1433
The KBT_PortTest is used for opening the Port#104 .

The KBT_PortTest is an exploit whit a higher operation time.

how to use:

KBT_PortTest "portnumber"

example:

742.806.97.2> KBT_PortTester 104

The TorrentStreamInjector is an exploit ussed for opening the Bittorrent Port 6881
The TorrentStreamInjector has a long spindown time.

hint: useing "ps" and the killing it after it opened the port works.

how to use:

TorrentStreamInjector "Portnumber"

example:

742.806.97.2> TorrentStreamInjector 6881

The Signalscrambler is a tool that slowsdown and then stops the Trace depending on how many percent it´s loaded. it needs to spin up completely to stop a trace but operats as soon as admin privileagues are granted.

how to use:

742.806.97.2> SignalScrambler

hint:

active with 20% = trace still dangerous but good to go
active with 70% = trace is really slow
active with 100% = trace is suppressed

The SSLTrojan is a exploit used to open the SSL ports. it´s portnumber often changes.
The SSLTrojan need to be executed on an previously opened port.

how to use:

SSLTrojan [Portnumber] [Flag] [Portnumber]

flags:
-s --> SSH
-f --> FTP
-w --> HTTP
example:

742.806.97.2> SSLTrojan 443 -h 8080

The PacificPortcrusher is a exploit used to open the Port 192.
it´s a fast working exploit which isn´t found often. it mostly is found on the Pacific Air servers.

how to use:

PacificPortcruscher "Portnumber"

example:

742.806.97.2> PacificPortcrusher 192

The MemForensics is a tool that is used to analyze Memory Dumps. it´s really useful for investigating servers that don´t have a obvious hidden PW or file content.

how to use:

MemForensics [FILENAME]

example:

742.806.97.2> MemForensics Salmonia.mem

The MemDumpGenerator is a tool used for generating Memorydumps.
it has a function that automatically stops it´s process whn the dump would just contain junk data.

The DECHead is an exploit used for getting the ip of the encyption server of an encrypted data.

how to use:

DECHead "filename"

example:

742.806.97.2> DECHead GreenPony♥♥♥♥♥.rec
The Decypher is an exploit used for file encryption.

how to use:

Decypher "filename" "password"

example:

742.806.97.2> Decypher Alp_Luachra ssh288
The Tracekill is an exploit used to suppress an active foreign trace.

how to use:

742.806.97.2> Tracekill

Note: Tracekill uses a high amount of your RAM


The Porthack is an exploit used for getting the password of a Server or Node.

how to use:

742.806.97.2> Porthack

Note: to run Porthack it requires some open ports!




The eosdevicescan is an exploit used for scanning a target server or node for eos devices.

you can get admin acces on the eos by logging in as admin.

how to use:

eosdevicescan

example:

742.806.97.2> eosdevicescan

found test1 111.222.33.4

742.806.97.2> connect 111.222.33.4
742.806.97.2>login
Username: admin
Password: alpine

Login Successful.


Note: all eos systems used "alpine" as password.

NetmapOrganizer is a useful too which can be used for haveing a nice and tidy Netmap.
it hast the following nodes: Scattered, Grid, Scan sequence.

explanation:

Scattered: the normal way the netmap is arranged with all nodes placed randomly.

Grid: a nice and tidy Grid of nodes. realyl useful sicne there is no overlapping.

Scan Sequence: a ncie methode of haveing complex servers kept together. unfortunatly causeing overlapping

Tuneswap is a tool used for changeing the running track. it only works with the tracks introduced during the KaguyaTrails.

how to use:

742.806.97.2>Tuneswap

ThemeChanger is a tool used for changeing the X-server.sys file. you can find x-server files all around other nodes.

how to use:

742.806.97.2> ThemeChanger

COMshell is a shell commander tool. it can controll all active Shell´s at once without the need of useing the GUI of Hacknet. it makes hacking Easier and more Effective.

A Casual Guy:
ComShell:
ComShell is a program which enables control over all shells simultaneously.
Available arguments:
-o : Sets all shells into overload mode;
-e : Closes all shells (WARNING: with 10+ shells may cause FPS drops);
-c : Cancels overload on all shells.

help [PAGE NUMBER]
Displays the specified page of commands.
scp [filename][OPTIONAL: destination]
Copies file named [filename] from remote machine to specified local folder (/bin default)
scan
Scans for links on the connected machine and adds them to the Map
rm [filename (or use * for all files in folder)]
Deletes specified file(s)
ps
Lists currently running processes
kill [PID]
Kills Process number [PID]
ls
Lists all files in current directory
cd [foldername]
Moves current working directory to the specified folder
mv [FILE][DESTINATION]
Moves or renames [FILE] to [DESTINATION]
(i.e: mv hi.txt ../bin/hi.txt)
connect [ip]
Connect to an External Computer
probe
Scans the connected machine for active ports and security level
exe
Lists all available executables in the local /bin/ folder (Includes hidden and embedded executables)
disconnect
Terminate the current open connection.ALT: "dc"
cat [filename]
Displays contents of file
openCDTray
Opens the connected Computer´s CD Tray
closeCDTray
Closes the connected Computer´s CD Tray
reboot [OPTIONAL: -i]
Reboots the connected computer. The -i flag reboots instantly
replace [filename] "target" "replacement"
Replaces the target text in the file with the replacement
analyze
Performs an analysis pass on the firewall of the target machine
solve [FIREWALL_SOLUTION]
Attempts to solve the firewall of target machine to allow UDP Traffic
login
Requests a username and password to log in to the connected system
upload [LOCAL FILE PATH]
Uploads the indicated file on your local machine to the current connected directory
clear
Clears the terminal
addNote [TEXT]
adds a note containing [TEXT] to your notes
append
Appends a line contaning [DATA] to [FILENAME]

Shells can be used for Bypasseing Proxy´s or as a Defensiv countermeasure.

Overload: Used for flooding a Proxy with Network junk. useing several Shells make the process of Overloading faster. Some Proxy´s might take time other can be bypassed with a single shell.

Shells are compact, low memory remote processes running on a seperate machine that can be controlled locally from any connection.

These incredibly convenient processes are useful for many tasks, though what they are capable of is determined by the type of shell being run.

-Overload:
Designed to test networks and proxy servers, this functionality floods the target machine with junk network traffic from the node running the shell, filling up proxy server memory and soaking cpu time.

-Trap:
A shell running this mode will notify the running user when a foreign user connects to the machine running the shell, and allow an emergency forkbomb flood to be executed on all other users connected to it remotely.

This can be incredibly useful for maintaining the security of a remote networked computer while doing other work.

Shell used for Poxy Bypass:


Trap: The Trap will be usefull in Multiplayer mode but also in the one time in the Story. Click on Trap and wait until your system is accesed by your enemy. click the "Trigger" button to flood all ports with a Forkbomb Command.

Shell used in "Trap" mode:

Firewall´s protect a system from foreign network traffic.useing porthack won´t work aslong as the firewall is active on the target Server or Node.



-"In this Situation, the firewall solution will need to be provided before an unsyndicated login attempt can be attempted - effectively meaning that any known password cracking software will be useless while a firewall is active."

-"Firewall complexity can be examined with the "analyze" command - running the analyze command multiple times will automatically detect patterns in the response data headers and will eliminate characters it can guarantee are not a part of the correct firewall solution.
Once a potential solution is found, the command "solve [FIREWALL_SOLUTION]" can be used to attempt to syndicate.





use "analyze" until you´ve got the right password.


if you got the right password the type: solve "password" like in this picture.

If you have been successful the it should say: Firewall Bypassed like in this picture

If not, the you probably missed a character or used the wrong password.

742.806.97.2> Analyze

analyze 6 :
----------------------------------------
000H000000000000000000000
00000000000000000O0000000
000R000000000000000000000
00000000000000S0000000000
E000000000000000000000000
----------------------------------------

742.806.97.2> solve HORSE.............................
SOLVE SUCCESSFUL - Syndicated UDP Traffic Enabled
742.806.97.2>


Nove Solarius:
-A firewall needs to be analyzed seven times;
-Symbols included in the password can be placed anywhere in the line, symbols not included in the password will always be pushed to the left;
-Passwords for firewalls are not case-sensitive;
-Passwords can contain zeroes, in which case the line will obviously be all zeroes;
-Passwords are read top to bottom;

-Passwords will tend to be words, but they don't have to be;
-Tying into the previous tip, it's usually worth seeing if you can quickly guess the password after finding only a few letters;
-Passwords don't usually change after disconnecting. Finishing analysis, disconnecting and figuring out the password before reconnecting is a valid strategy;
-In the case of letters, there will always be a single capital letter in a line. This is the one included in the password.
-If analysis takes an unusually long time, don't bother. You can usually find the password for such a firewall elsewhere.

Memory Forensics are about analyzeing and creating Memorydumps of other nodes.
it´s is really needed to be confident with the MemDumpGenerator and the MemForensics tool.

those dumps are created by useing the MemDumpGenerator.exe

the programm is checkign for useable files. if there aren´t any useful files the tool will abort the creation fo the dump

the MemForensics.exe is a tool used for analyzeing the content of the Memorydumps.

there are 3 Categories.

-Recent Commands

-Files in Memory

-Images in memory

make sure to check all categories so you are 100% sure to have seen every informations of the dump.

Traces - Passive
In response to the increasingly hostile and active world of computer security and hacking, new digital security suites will generally include soem method of tracking the location of any "hostile" activity taken against said server.

This is naturally an imperfect science, so there are 2 genrally recognized forms of traces, Ative and Passive.

This article describes Passive Traces.

1: Passive Traces
-------------------------------
A passive trace is a computer programm running on a machine that attempts to detect hostile action and mount a traceing action against it. The methode of doing so varies from programm to program. (and consequently the time it generally takes to complete does too).

A passive trace can in the theory be prevented from completeing by useing a self-unduced crash at the exact tiem that the ping arrives from the hostile server, giving it no return, such that it assumes the package never arrived.

This would require OS-level integration though, and is not a known feature on any widely recognized OS, leaving this an effective trackign methode for would-be assailants.
Traces - Active
In response to the increasingly hostile and active world of computer security and hacking, new digital security suites will generally include soem method of tracking the location of any "hostile" activity taken against said server.

This is naturally an imperfect science, so there are 2 genrally recognized forms of traces, Ative and Passive.

This article describes Passive Traces.

2: Active Traces
-------------------------------
An active trace is a tracking effort undertaken by an individual working against either a currently active conenction or, more commonly, logs left on a server by a careless hacker.

An active trace is un-trackable and is generally done by attempting to breach security on nodes used in the routing path and observing the connection route logs.

An active trace can be prevented by wipeing away a chain in the connection link such at the pursuer has nothing to follow, and as such it is recommended that if an active trace is to be mounted against an assailant, it is done as soon as possible.

The Emergency Trace Aversion Sequence will be activated if the Trace reaches 0 .
as soon as it reaches 0 your get a warning screen.

This is now your only opportunity to change your IP adress. Clicking on the "Begin" button will load the Failsafe dump to your active system.

Important things to remember:
- ISP Management Server: 68.144.93.18
- keep calm! getting things right in this mode has highest priority!
- Never search for the ISP Node! use the "connect" comand instead.

The Emergency Trace Aversion Sequence can look like this:

Note: The Emergency Trace Aversion Sequence (ETAS) will be available as soon as your granted an account at CSEC

- if you play Hacknet, have a note and a pencil next to you.it will be helpful in some later missions.

- Use multiple Shells for Bypasseing some proxy´s. it will decrease the amount of time for the bypass. Remember to close them after bypasseing the proxy to get your RAM back.

- exploits like KBT_PortTest, SQL_MemCorrupt / SQLBufferoverflow and TorrentStreamInjector can be executed even with active Firewalls or Proxy´s.

-Use the Tab key instead of typeing the stuff out. the tab key has an autocomplete function.

-Search every Server/Node for informations or secrets. maybe they help you progressing in the story line.

I hope this Guide is helpful to you. it´s the ultimate reference guide made from my old first one and polished with my new knowledge.

i am really glad that i get ncie resonance to this guides and the forums.

Thanks to Nova Solarius for the nice Entry addition of the Firewall section!

Thanks to A Casual Guy for the nice explanation of COMshell.exe and it´s function.
screenshot of the Discord original was added.