Official Stocker Discussion

d3ntata · January 20, 2023, 9:27pm

I have an idea of what’s happenning but I am still learning. I already tried adding it into /etc/hosts and it didn’t work

PwnerSec · January 20, 2023, 9:34pm

Rooted! DM me on discord (n3hal#1527) if anyone needs a nudge!

Gateberg · January 20, 2023, 9:38pm

Can’t tell if you’re being serious

SaveTheWeb · January 20, 2023, 10:04pm

I am kidding for the NSA just a joke but I am serious for Chat GPT come on it is better to learn than doing it by an AI no what do you think anyway ? just saying no worry

SaveTheWeb · January 20, 2023, 10:11pm

at the beginning me either I got trouble for adding to the local host, please just type: subl /etc/hosts +enter it will open your local host file then write your IP address you want to access. write it down this way in your file subl /etc/hosts

#HTB
10.129.23.242 stocker.htb
10.129.23.242 dev.stocker.htb

then refresh the page or go the page and it will work

do not forget to save your file; subl /etc/hosts with your IP you added. otherwise it won’t work

warning this is the IP address I got so take the one from your HTB session it must be different I guess

SaveTheWeb · January 20, 2023, 10:12pm

I replied to you below

d3ntata · January 20, 2023, 10:54pm

thanks, I already fixed it

WhoKnowsWhat · January 21, 2023, 2:32am

Can inspect be used on this box, instead of burb, to finish the webpage section?

machliManav · January 21, 2023, 12:20pm

I got login page but I am stuck after that, can you please help me what next i need to do?

lim8en1 · January 21, 2023, 12:32pm

PM me and I’ll give you some hints. I’ve rooted this box not so long ago

d3ntata · January 21, 2023, 2:52pm

Hi, I need help I sent you a friend req

dvuk993 · January 23, 2023, 10:32pm

Finally rooted this machine.
Feel free to ask for some tips

elf1337 · January 24, 2023, 9:08am

Rooted. Nice Box thanks to the creater .

Plus1059 · January 26, 2023, 5:12am

Just got root. User was a lot harder than root in my opinion. Very fun box though I had a good time with this.

The hints already posted here should be just about enough. Especially @Wiiz4Rd’s are good.

Couple things I’ll add:
Perhaps after you discover the frame to look through, see if you can change the size of said frame.
Also, what is running the site? You can use the wappalyzer extension to find out. This may help you determine what file to read.

Feel free to DM with questions, I’ll get back as soon as I can!

GreyStrawHat · January 31, 2023, 12:39am

This box was awesome with tons of helping tips in this discussion, if anyone still struggling with this box wants some tips to get their mind in the right place feel free to dm me anytime.

llama · February 2, 2023, 3:25pm

Hmm I bypassed the login page, but not sure what to do next, clues seem to be referring to some kind of frame, but absolutely no idea what that means, also got logged out and can’t bypass login again, which is weird. Any pointers on what to do next, on the page with all the items, adding to basket etc.

UPDATE: Nevermind, got there thanks to some help, then got root, fun box!

Jutin · February 4, 2023, 5:59pm

Every 5 minutes the machine becomes unpingable and its hard to try any exploits… anyone have workarounds for this stuff

Edit: Switched VPN to TCP and now everything seems peachy…