🏋Hack the Box Buff Write-up 🏋

Buff is a machine that is relatively beginner friendly. This write-up is similarly geared towards beginners to Hack the Box(HTB) and Pen-testing/Ethical Hacking in general. Things like hacking phases and what a shell is will be explained more in-depth than the average HTB write-up.

Bypass the paywall with this link.

This machine is also great for beginners because it employs techniques that are common in Hack the Box and other vulnerable machine platforms. Things like starting a netcat shell and a python web server is done several times, which is great practice.

Prerequisites

There are a few things you need to get started hacking something in Hack the Box. A Linux system to act as your attacking host and a Hack the Box account.

1. Install a Kali Linux Virtual Machine on your Host, I recommend this guide:

How to Install Kali Linux on VirtualBox {Step by Step Screenshot Tutorial}

2. To create a HTB account, I recommend this guide. Try creating one on your own for a hour or two first:

Hack The Box: How to get invite code

3. Then follow the steps to connect to the HTB VPN that is on their web UI:

4. Then reset the Buff machine to ensure that it’s up and running properly.

Now let’s get started…

Enumeration Phase

What is the Enumeration Phase? Every hack begins with gathering as much information as you can about the target. The Enumeration Phase of a hack is running port scanners like nmap and researching extensively about what you found out about the target. The goal of the Enumeration Phase is to find a working exploitation…