InfoSec Write-ups

Home

Newsletter

About

Follow publication

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties…

Follow publication

Member-only story

Stocker — HackTheBox Machine Simple Writeup | 2023

HackTheBox’s New Machine — Stocker | Walkthrough | Karthikeyan Nagaraj

Karthikeyan Nagaraj

Published in

InfoSec Write-ups

4 min readJan 17, 2023

Make sure to Connect with the Release Arena VPN, Don’t Connect with Normal HackTheBox VPN

Analysis:

Let’s Start with a Nmap Scan

2. As usual 2 ports are open sshandhttp. So Now let’s Enumerate the http service

3. Before we analyse the http service, Make sure to add the domainstocker.htb to your/etc/hosts as this is the domain we need to Enumerate.

4. Let’s Explore the host stocker.htb to further Analyse for anything Interesting

5. Now Let’s Enumerate subdomains using gobuster

gobuster vhost -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt…

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app

Or, continue in mobile web

Sign up with Google

Sign up with Facebook

Sign up with email

Already have an account? Sign in

Published in InfoSec Write-ups

Last published 21 hours ago

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/

Written by Karthikeyan Nagaraj

10.7K Followers

Entrepreneur | Writer | Cyber Security Consultant | AI Researcher TopMate - https://topmate.io/cyberw1ng

Responses (5)

Write a response

What are your thoughts?

Also publish to my profile

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams