Hack The Box Buff Write-Up (Using msfvenom)

Buff — Card Info

1. Executive Summary

2. Description

2.1 Enumeration

Nmap result for Buff
Port 8080 — Home page
Buff — Package page
Port 8080 — Facilities page
Port 8080 — About page
Port 8080 — Contact page

2.2 Exploitation

List of the exploit related to “Gym Management”
web shell
user.txt
Start our own web server using python SimpleHTTPServer
Download the nc.exe using curl
run nc.exe to open shell
Finally, normal shell :)
48389.py

3. Reference

purple enthusiast