lordsky/CVE-2020-1350

PoC Checking script

CVE-2020-1350 Exploit aka SIGRED

RCE via DNS

Windows Binary PoC

./CVE-2020-1350.exe will run the exploit.

View README.pdf for more information on how to use the binary.

Running the exploit on Linux

Change the target IP in exploit.sh then do:

chmod +x exploit.sh
./exploit.sh

Workaround Fix

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters" /v "TcpReceivePacketSize" /t REG_DWORD /d 0xFF00 /f
net stop DNS && net start DNS

Contributers

• https://twitter.com/ZephrFish
• https://twitter.com/TJ_Null
• https://twitter.com/ZoomerX
• https://twitter.com/TheCyberViking
• https://twitter.com/rag_sec