Apply CVE-2020-1350 Workaround to Remote Computer

A patch has been released for the security vulnerability CVE-2020-1350, which has a 10 out of 10 on the CVSS scale and affects all Windows DNS servers from 2003 to 2019. However, since not everyone can patch systems right away, Microsoft has provided a workaround. The workaround restricts the size of DNS response packets, which only requires a restart of the DNS service and not the entire server. I recommend reading the knowledge base article to understand all the risks, prior to implementing in your environment.

The script below will apply the recommended registry setting and restart the DNS service on a remote computer.

$Computer = 'YourComputer'
Invoke-Command -computername $Computer -ScriptBlock {
    New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters" -Name "TcpReceivePacketSize" -Value "0xFF00" -PropertyType "DWord" -Force
    Restart-Service -Name DNS -Force
}
  |  
Create PS Credential from Strings 
$Username = 'Username'
$Password = 'Password'
$SecureString = ConvertTo-SecureString $Password -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential $Username, $SecureString
Details
Use to create a credential object from two different string objects. Warning, only use in labs/testing as credentials are saved in plain text
  |  |  |  
Elevate Script to Run As Administrator 
# Request elevation with administration rights
If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{   
    $arguments = "& '" + $myinvocation.mycommand.definition + "'"
    Start-Process powershell -Verb runAs -ArgumentList $arguments
    Break
} else {
    # Code to run elevated here
}
Details
This command will automatically elevate your script during the run time.
  
Expand Shortened URLs 
# Create Web Request Object
$request = [System.Net.WebRequest]::Create($url)
# Make it think we are using Edge on Windows 10. Required for some shorteners.
$request.UserAgent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246'
# Get the expanded URL
$request.GetResponse().ResponseUri.AbsoluteUri
Details
This command will query a shortened URL and return the fully expanded URL. It has been tested with fb.me, bit.ly, zpr.io, aka.ms, buff.ly, t.co, ow.ly, tinyurl.com, & rviv.ly to name just a few. If you find any it doesn’t work with please let me know in the comments below.

Example
PS C:\> $url = 'https://bit.ly/2KyctK3'
>> $request = [System.Net.WebRequest]::Create($url)
>> $request.UserAgent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246'
>> $request.GetResponse().ResponseUri.AbsoluteUri

https://www.dowst.dev/
  
Find Java Based Azure App Services

A quick Azure PowerShell command to locate any Java based Azure App Services and Functions so you can check if they are vulnerable to the CVE-2021-44228 Apache Log4j2 vulnerability.

Get-AzWebApp | ForEach-Object{
    Get-AzWebApp -ResourceGroupName $_.ResourceGroup -Name $_.Name | 
    Select-Object -Property Name, @{l='JavaVersion';e={$_.SiteConfig.JavaVersion}}, ResourceGroup, Id 
} | Format-Table
  |  
Quick and Easy Password Generator

This is a quick and easy password/random character generator. It returns random numbers between 33 and 126 and converts the number to the corresponding ASCII character.

$password = [string]::Empty
1..32 | ForEach-Object {
    $password += [char]$(33..126 | Get-Random)
}
  |  |  
Run Command on Remote Machine 
$Credential = Get-Credential
Invoke-Command -ComputerName $Computer -ScriptBlock {Stop-Service -Name Bits}
Details
Use to run a single command or script on a remote machine.
  
Run Multiple Commands on Remote Machine 
# Create a persistent connection to remote machine
$Session = New-PSSession -ComputerName $Computer -Credential $Credential

# Runs on remote machine
Invoke-Command -Session $Session -ScriptBlock {Stop-Service -Name Bits}

# Run on local machine
Get-Service

# Runs on remote machine again
Invoke-Command -Session $Session -ScriptBlock {Start-Service -Name Bits}
Details
Use the New-PSSession to creae a persistent connection to a remote machine. This allows you to call the remote machine multiple times within a single script, without the need to reinitialize your session.
  
Run PSExec From PowerShell

PowerShell remoting help in a lot of areas, but there are times when you need to use PSExec. For those instances, I’ve created a function that you can use to run a command on a remote machine using PSExec.

Function ExecutePsExec($computer, $command){
    $ping = Test-Connection $computer -Count 1 -Quiet
    if($ping){
        $StdOutput = (Join-path $env:temp "$($computer).txt")
        Start-Process -FilePath $psexec -ArgumentList "-s \\$computer $command" -Wait -RedirectStandardOutput $StdOutput -WindowStyle Hidden
        $Results = Get-Content $StdOutput -raw
        Remove-Item $StdOutput -Force
    } else {
        $Results = "Not online"
    }
    [pscustomobject]@{
        Computer = $computer
        Results = $Results
    }
}
# path to PsExec on your local machine
$script:psexec = "C:\Tools\PsExec.exe"

# the command to run
$command = 'cmd /c "powershell.exe -ExecutionPolicy ByPass \\SHARE01\Scripts\Demo.ps1"'

# execute the command on the remote computer
ExecutePsExec -computer 'MYPC01' -command $command