Description: This is an feature abuse where in a user who is a member of DNSAdmins group can load arbitary dll on the DNS server. Lets try to first find the users which are a part of DNSAdmins group. we will be using DNSadmin cmd to load dll on the DC server where the DNS service is running.We will be using MSFVenom for creating malicious DLL and will load the DLL on the DNS Server. The only caveat is that the DNS service needs to be restarted.
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.