Machine Synopsis
Coder is an Insane-difficulty Windows machine that features reverse-engineering a Windows executable to decrypt an archive containing credentials to a `TeamCity` instance. Access to this service requires a Time-based One-time Password (`TOTP`), which can only be obtained through source code review and brute-forcing. Once logged in, running a custom patch from a `diff` file leads to Remote Code Execution (RCE), and subsequently to a reverse shell once `Defender` is bypassed. After recovering the encryption key for an encrypted credential object and pivoting to another user, two accounts are ultimately leveraged in parallel to abuse Active Directory Certificate Services (`ADCS`) and obtain shadow credentials for `DC01$`.