Walkthrough of the machine called “Hutch” in the OffSec Proving Grounds…don’t watch unless you want help getting through the machine. In this machine we ldapsearch to find credentials, we exploit WebDAV to upload and .aspx reverse shell. Once on the machine we use a python exploit to get the LAPS password to escalate our privileges to administrator on the machine.
Offsec Proving Grounds Walkthrough – Hutch
