CVE-2020-1350

This repository is a honeypot designed to deceive users into executing benign but misleading binaries (e.g., rick rolls, canary tokens) under the guise of a CVE-2020-1350 exploit. The actual exploit code is non-functional and serves as a trap.

This is a functional proof-of-concept exploit for CVE-2020-1350 (SIGRed), a heap-based buffer overflow in Windows DNS servers. The exploit triggers a denial-of-service (DoS) by sending a maliciously crafted DNS response with an overflowed SIG record, causing the target DNS service to crash.

This repository contains NSE scripts for detecting vulnerabilities, including CVE-2020-1350 (SIGRed) and CVE-2020-0796 (SMBGhost). The scripts are designed for safe detection and do not include exploit payloads.

This is a functional proof-of-concept exploit for CVE-2020-1350 (SIGRed), a vulnerability in Windows DNS Server that allows a denial-of-service (DoS) attack via a malformed DNS SIG query. The exploit crafts a malicious DNS response with a large SIG record to trigger a buffer overflow, causing the DNS service to crash.

This PowerShell script checks if a Windows DNS Server is vulnerable to CVE-2020-1350 by verifying the presence of security updates or registry workarounds. It does not exploit the vulnerability but provides a menu-driven interface to assess and apply mitigations.

This repository contains a proof-of-concept exploit for CVE-2020-1350, a vulnerability in Windows DNS Server. The exploit leverages a heap-based buffer overflow in the DNSSEC SIG record parsing to achieve remote code execution.

This repository provides a Zeek package for detecting exploitation attempts of CVE-2020-1350 (SIGRed), a critical vulnerability in Microsoft Windows DNS servers. It includes detection rules and notices for identifying large DNS responses indicative of exploitation.

This repository claims to be a PoC for CVE-2020-1350 but is actually a honeypot tool designed to track interest in the vulnerability. It performs no actual exploitation, instead sending a CanaryToken HTTP request and launching a Rick Astley video in Internet Explorer.

This PowerShell script applies a local workaround for CVE-2020-1350 (SigRED) by setting the TcpReceivePacketSize registry value to 65280 and restarting the DNS service to mitigate the vulnerability. It checks if the system is a DNS server and whether the workaround is already applied.

This repository provides a registry-based workaround for CVE-2020-1350, a critical RCE vulnerability in Windows DNS Server. It includes a PowerShell script to apply the mitigation and detailed documentation.

This repository contains a PowerShell script to check for CVE-2020-1350 vulnerability in Windows DNS Server and apply a registry-based workaround. It verifies DNS service status, patch installation, and registry settings.

This repository contains a functional Python exploit for CVE-2020-1350 (SIGRed), a Windows DNS server vulnerability. The exploit crafts malicious DNS responses to trigger a heap-based buffer overflow, causing a denial-of-service (DoS) condition.

This PowerShell script mitigates CVE-2020-1350 (SigRed) by setting a registry key on all domain controllers to limit DNS packet size and restarting the DNS service. It requires domain admin credentials to execute remotely.

The repository contains only a README with minimal information about CVE-2020-1350, a Windows DNS Server vulnerability, and mentions a binary PoC without providing the actual exploit code or details.

This repository provides a mitigation script for CVE-2020-1350, a critical RCE vulnerability in Windows DNS Server. It includes a PowerShell script to generate a resource.xml file for Datto RMM or other RMM tools to apply the mitigation without rebooting.

This repository contains a functional exploit for CVE-2020-1350 (SigRed), a remote code execution vulnerability in Windows DNS Server. The exploit leverages a heap-based buffer overflow to achieve arbitrary code execution via a malicious DNS response.

This repository contains a functional exploit for CVE-2020-1350 (SIGRed), a remote code execution vulnerability in Windows DNS Server. The exploit leverages a heap-based buffer overflow in the DNS server's SIG record parsing to achieve arbitrary code execution.

The repository contains a Bash script designed to exploit CVE-2020-1350 (SIGRed), a critical RCE vulnerability in Windows DNS Server. The script is intended to achieve Domain Admin privileges on vulnerable Domain Controllers.

This repository contains a functional exploit for CVE-2020-1350 (SIGRed), a heap-based buffer overflow in Windows DNS Server. The exploit triggers a DoS by sending a maliciously crafted DNS response with an overflowed SIG record, causing the DNS service to crash.