https://haoyingcao.xyz/tags/gmsa/Recent content in GMSA on HaoyingCao.xyzHugo -- gohugo.ioen-usThu, 18 Jun 2026 08:15:32 -0500https://haoyingcao.xyz/writeups/tombwatcher/Thu, 18 Jun 2026 08:15:32 -0500https://haoyingcao.xyz/writeups/tombwatcher/A medium Active Directory Windows machine fom Hack The Box features a series of ACL abuse to get access to WinRM on the target, and then restoring a deleted account to exploit an ADCS certificate template vulnerable to ESC15 gain access to the domain admin.