InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties…

Follow publication

Member-only story

Stocker — HackTheBox Machine Simple Writeup | 2023

Karthikeyan Nagaraj
InfoSec Write-ups
Published in
4 min readJan 17, 2023

Make sure to Connect with the Release Arena VPN, Don’t Connect with Normal HackTheBox VPN

Analysis:

  1. Let’s Start with a Nmap Scan

2. As usual 2 ports are open sshandhttp. So Now let’s Enumerate the http service

3. Before we analyse the http service, Make sure to add the domainstocker.htb to your/etc/hosts as this is the domain we need to Enumerate.

4. Let’s Explore the host stocker.htb to further Analyse for anything Interesting

5. Now Let’s Enumerate subdomains using gobuster

gobuster vhost -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt…

Published in InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/

Written by Karthikeyan Nagaraj

Entrepreneur | Writer | Cyber Security Consultant | AI Researcher TopMate - https://topmate.io/cyberw1ng

Write a response