I have the first proof.txt from the lab machines.

This is a short update, just to mark this awesome day when I was able to get remote access to the first live lab machine.

Upon looking at the root of C:\ I found someone else's owned.exe and decided to revert the machine to its original state to make sure I had actually found my own way in instead of a weakened machine conf. I had!

I dumped hashes which I fed to john the ripper and was overly excited when john started spitting out passwords. ∠( ゚д゚)/

The hashes did not permit to pivot anywhere by passing them around. But at least I had my first success which gave me a big boost of confidence since this morning I was so bewildered about where to even begin attacking the network!

Next up: Metasploit.