Jump to content

CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability


Recommended Posts

Wanted to get a topic started for this CVE. Looks like this one will only apply to Server 2019 and Windows 10. Patching the Windows 10 workstations is less of a priority, since the exploit appears to simply force a BSOD and doesn't greatly affect security. 

Anyone know of a way to check this patch by registry? I tested the workaround, and it sounds like it may be safe to run the workaround against all interfaces. If that's the case I can automate it without getting too fancy, I'll just run the command line by line for say int 1-50 or something, (see below). So I'm looking for a way to check the command through registry to setup a remote monitor.

netsh int ipv6 set int 1 rabaseddnsconfig=disable
netsh int ipv6 set int 2 rabaseddnsconfig=disable
netsh int ipv6 set int 3 rabaseddnsconfig=disable
netsh int ipv6 set int 4 rabaseddnsconfig=disable

Edited by DrYou
Link to post
Share on other sites

I was bored:

for /l %a in (1,1,50) do @(echo netsh int ipv6 set int %~a rabaseddnsconfig=disable)

And:

for /l %a in (1,1,50) do @(netsh int ipv6 show int %~a | findstr "6106 Interface")

Not the most elegant but a starter

Link to post
Share on other sites
13 minutes ago, BlueToast said:

I was bored:


for /l %a in (1,1,50) do @(echo netsh int ipv6 set int %~a rabaseddnsconfig=disable)

And:


for /l %a in (1,1,50) do @(netsh int ipv6 show int %~a | findstr "6106 Interface")

Not the most elegant but a starter

I tried the first line in PowerShell and it's returning an error, can you explain what the two commands do and how to use? Thanks

Link to post
Share on other sites

DrYou,

 

FOR /L %variable IN (start,step,end) DO command [command-parameters] The set is a sequence of numbers from start to end, by step amount. So (1,1,5) would generate the sequence 1 2 3 4 5 and (5,-1,1) would generate the sequence (5 4 3 2 1)

This also should be run at a command prompt, not powershell... And, for some reason, although the command works, it did not stick. I'm trying to figure out why it is not sticking.

 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...