Easy Eighteen Feb 24, 2026 active-directory mssql impersonation pbkdf2 password-spray winrm badsuccessor dmsa cve-2025-53779 kerberos chisel pass-the-hash Overview Eighteen is an Easy Windows box running a Windows Server 2025 domain controller with MSSQL, IIS, and WinRM exposed. The attack chain starts …