Full title: DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation Exploit Category: local exploits Platform: windows This Metasploit module exploits a feature in the DNS service of Windows Server. Users of the DnsAdmins group can set the ServerLevelPluginDll value using dnscmd.exe to create a registry key at HKLM\SYSTEM\CurrentControlSet\Services\DNS\Parameters\ named ServerLevelPluginDll that can be made to point to an arbitrary DLL. # 0day.today @ http://0day.today/