HTB Logging Complete Writeup - CVE-2025-59287, Shadow Credentials & WSUS MITM

A comprehensive penetration testing guide exploiting an unauthenticated WSUS deserialization RCE, Active Directory shadow credential abuse, a DLL hijack via zip drop, and a fake WSUS MITM attack to achieve SYSTEM on a Domain Controller.

April 19, 2026 • views • 24 min read • 2,750 words

Havoc

hackthebox 23 htb 27 active-directory 6 domain-controller 3 cve-2025-59287 wsus deserialization ysoserial shadow-credentials 2 kerberos 7 smb 5 dll-hijack zip-drop scheduled-task wsus-mitm dns-spoofing powermad pywsus wsuks bloodhound 6 pywhisker bloodyad 4 evil-winrm 4 rubeus 2 lateral-movement 6 privilege-escalation 14 managed-service-account 2 genericall 2 season10 6 medium-difficulty 5

🔒 Content Locked

This writeup is password-protected to comply with HTB rules.

📧 Need access? Enter the password.

HTB Logging Complete Writeup - CVE-2025-59287, Shadow Credentials & WSUS MITM

🔒 Content Locked

☕ Support My Work

Comments

🔒 Content Locked

☕ Support My Work

Related Articles

HTB Logging Complete Writeup - CVE-2025-59287, Shadow Credentials & WSUS MITM

Pirate HackTheBox Writeup — Complete Season 10 Machine Walkthrough

HTB PingPong Complete Writeup - ESC13, Cross-Domain DACL, gMSA, JEA, RBCD & ESC4→ESC1

Garfield HackTheBox Writeup- Hard Windows Active Directory Machine Walkthrough

Comments