Hey forum quick question on the overall approach for VIP machines if I may:
So I just completed the starting point and noticed that all machines in the lab were effectively part of the same pentest. They were in the same domain and creds extracted from one machine can be used on another.
This is all good as there were ~10 machines to target. A good number.
Now over to VIP. There are literally 100’s of them. If I start working on machine A but need a password thats burried deep on box Z how is that supposed to work? Or are they each a single, isolated pentest per machine?