Friday, September 11, 2020

DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation

This Metasploit module exploits a feature in the DNS service of Windows Server. Users of the DnsAdmins group can set the ServerLevelPluginDll value using dnscmd.exe to create a registry key at HKLM\SYSTEM\CurrentControlSet\Services\DNS\Parameters\ named ServerLevelPluginDll that can be made to point to an arbitrary DLL.
DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation
 

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated