# Exploit ESC8 (ADCS) ### List All PKI Enrollment Servers ```bash nxc ldap -u user -p pass -M adcs ``` ### List All Certificates Inside a PKI ```bash nxc ldap -u user -p pass -M adcs -o SERVER=xxxx ``` ### Helpful Resources {% embed url="" %} {% embed url="" %} {% embed url="" %} {% embed url="" %}