Official Stocker Discussion

Official discussion thread for Stocker. Please do not post any spoilers or big hints.

Rooted! Nice box focusing on web hacking!


any hints please i cant find any sub*****ns or any clues on the website

1 Like

I will hold off on giving hints until around 24 hours have passed.

I found the su****n but seems like can’t do any si

Same - stucked there too. Weird easy machines HTB has these days.

1 Like

Rooted !! any hints feel free to ask me

Try again with sub*****n enumeration perhaps use ffuf or gobuster vhost enumeration

I bypass the developer subdomain login page but Now I get confused,
Please share the hint for shell access

how can i get password from /var/www/dev/index.js i am unable to read complete code in 1 page pdf.

Check where get request sent to with Burp…

I am stuck with the login bypass - any hints?

Try noSQL injection

Thanks that did the trick.

1 Like

which wordlist should I enumerate with

you will find what you are looking for in the SecList (GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.) repo, the name of the folders are quite self-explanatory :wink:

got logged in :+1:.
then analyzed the functionality of app and what it does,
tried several tricks to exploit but couldn’t. :disappointed_relieved:
can anyone give me hints please?

1 Like

any tips on logging in?

Stuck after getting into the app

Could you help with advice on how to proceed

update: got in to the app.

there’s a good tip in one of the previous posts. if you’re not having any luck, don’t be afraid to change things up a bit. :wink: