Method to Compromise a Windows Domain via Active Directory Vulnerability

The article describes a method to compromise a Windows domain by exploiting a chain of permissions and the ESC4 vulnerability in the Active Directory Certification Service. Initial access to the system is obtained via Microsoft SQL, and the necessary credentials to progress are found in configuration files. The technique allows for privilege escalation within the network.