This is a walkthrough of Offsec Proving Grounds machine called "Symbolic". In this walkthrough we exploit a HTML to PDF website using tools like gobuster, a Google Project Zero tool called CreateSymlink, and SSH key abuse. ***SPOILER*** don't watch unless you want help getting through the machine.
I keep calling the user Pyload but is Payload, LOL...I have another Offsec machine on my mind apparently!
There aren't many, if any walkthroughs of this machine so, you're welcome!
Links used in walkthrough:
https://github.com/usdAG/SharpLink
https://github.com/googleprojectzero/symboliclink-testing-tools
https://github.com/googleprojectzero/symboliclink-testing-tools/blob/main/CreateSymlink/CreateSymlink_readme.txt
https://github.com/openssl/openssl/issues/20054
