Found via @armitagehacker on Twitter.

This video shows a demo that uses Armitage (Metasploit to compromise a Windows Domain Controler.

The attacker gains access to an unpatched Windows web server  by exploiting the classic MS08-067. On the web server, the attacker is able to obtain the cached domain credentials of an administrator  and use them to compromise the domain controller.

The attacker also makes use of the persistence module to keep a foothold on the compromised system.