Machine

LinkVortex: use CVE-2023-40028 where it fits the service, gain a shell, and escalate to root.

Bizness: use CVE-2023-49070 and CVE-2023-51467 where it fits the service, gain a shell, and escalate to root.

Inject: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Unrested: use CVE-2024-36467 and CVE-2024-42327 where it fits the service, gain a shell, and escalate to root.

Vintage: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Administrator: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Certified: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Blazorized: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Epsilon: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

Mist: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Axlle: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Beep: use CVE-2012-4869 where it fits the service, gain a shell, and escalate to root.

MagicGardens: turn the exposed service into a shell, pivot through the container boundary, and escalate to root.

Compiled: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

Union: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

Jarmis: use CVE-2021-38647 where it fits the service, gain a shell, and escalate to root.

Lantern: use CVE-2022-38580 where it fits the service, gain a shell, and escalate to root.

Resource: turn the exposed service into a shell, pivot through the container boundary, and escalate to root.