Better late then never! Walkthrough of the machine called “Nickel” in the OffSec Proving Grounds…this is a Windows machine rated as intermediate. In this video we exploit a DevOps dashboard to obtain credentials, then use John tools to help decrypt a password protected PDF to learn about a temporary command endpoint. We then use port forwarding via SSH to access the command endpoint and trigger a reverse shell as NT Authority.
Offsec Proving Grounds Walkthrough – Nickel
