Fluffy Machine (HackTheBox) — Step-by-Step Walkthrough
Compromise of a Windows Active Directory machine on HackTheBox: exploiting CVE-2025-24071 with a malicious library-ms file to capture NTLM hashes with Responder, abusing GenericWrite permissions identified through BloodHound enumeration to perform Shadow Credential attacks, and escalating to Domain Admin by exploiting an ESC16 ADCS misconfiguration with Certipy.