This Metasploit module exploits a feature in the DNS service of Windows Server. Users of the DnsAdmins group can set the ServerLevelPluginDll value using dnscmd.exe to create a registry key at HKLM\SYSTEM\CurrentControlSet\Services\DNS\Parameters\ named ServerLevelPluginDll that can be made to point to an arbitrary DLL.
da2cc8a9f423689f3122124aa84eb964b7056b6fedd4f40ddd88ead60b4eedeb