[HTB] Buff — Writeup

4 min readFeb 18, 2021

--

This one was an easy difficulty box. Good learning path for:

Gym Management System 1.0 RCE
plink.exe to Port Forward to Bypass Restrictions
cloudMe.exe BoF Exploit

Initial Recon

Nmap

Let’s begin with an initial port scan:

$ nmap -Pn --open -p- -sC -sV 10.10.10.198

bigb0ss

Written by bigb0ss

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

Help
Status
About
Careers
Blog
Privacy
Terms
Text to speech
Teams