https://joaobonin.com/tags/adcs/ Recent content in Adcs on João Vítor Moutinho Bonin Hugo en Fri, 22 May 2026 00:00:00 +0000 https://joaobonin.com/posts/htb-escape/ Fri, 22 May 2026 00:00:00 +0000 https://joaobonin.com/posts/htb-escape/ Escape is a Medium Windows Active Directory machine where a publicly readable SMB share leaks SQL Server credentials in a PDF. Those creds lead to MSSQL access, NTLM hash capture via xp_dirtree, and eventually an ESC1 ADCS attack to compromise the domain administrator.