all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Stocker — Hack The Box

Add to bookmarks
Jan. 26, 2023, 12:45 p.m. | Rahul Kumar

System Weakness - Medium systemweakness.com

Stocker — Hack The Box

In this writeup, we will solve a box on hackthebox called Stocker.

https://medium.com/media/172fa75207969271d31e4587e6258f20/href

Nmap Scan

nmap -sC -sV -Ao nmap/stocker 10.10.11.196

From the Nmap scan, we get the HTTP URL for the web page.

echo "10.10.11.196 stocker.htb" >> /etc/hosts

Web enumeration

There is nothing much on the home page.

Subdomain enumeration

gobuster vhost -u http://stocker.htb/ -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt

Add the subdomain in the /etc/hosts file

if we intercept the login request.

This web page is vulnerable …

box hack hacking hack the box hackthebox-walkthrough hackthebox-writeup information security node.js

Visit resource

More from systemweakness.com / System Weakness - Medium

Protect Yourself from Online Scams: Essential Phishing Email Analysis Techniques. 1 day, 6 hours ago | systemweakness.com
cybersecurity ethical hacking information technology malware +1
Cross-Site Scripting: Understanding, Preventing, and Mitigating Risks 1 day, 20 hours ago | systemweakness.com
continue cross-site cybersecurity data +18
University Linux Course (CTIS166) VS HackTheBox Academy Linux Fundamentals Module 1 day, 20 hours ago | systemweakness.com
bilkent-üniversitesi gnu-linux information technology linux +1
TryHackMe — LDAP Injection — Writeup 1 day, 20 hours ago | systemweakness.com
cybersecurity cybersecurity awareness tryhackme tryhackme-walkthrough +1
Analyzing WSH RAT 1 day, 20 hours ago | systemweakness.com
cyberchef cybersecurity javascript malware analysis +1
The Essential Cybersecurity Mindset 1 day, 20 hours ago | systemweakness.com
age career advice cybersecurity cyber security awareness +20
Secure Architecture: Infrastructure Controls 1 day, 20 hours ago | systemweakness.com
architecture article ask controls +12
Data Breaching in Secure Companies 1 day, 20 hours ago | systemweakness.com
breach business companies continue +12
How Prompt Injection Can Steal Your Data 4 days, 1 hour ago | systemweakness.com
ai chatbots chatgpt cybersecurity +1

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com