我需要一些帮助来修改下面的粗略脚本:
- 在更改之前检查注册表值是否存在。
- 更新特定的注册表项。
- 仅重新启动 DNS 服务。
- 使用内置 Powershell 测试 DNS 功能,然后在一切正常无错误时退出脚本。
脚本:https ://pastebin.com/jm34bssi
Import-Module DnsServer
try
{
$RegistryPath = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
$ipV4 = Test-Connection -ComputerName $env:COMPUTERNAME -Count 1 | Select IPV4Address
#Test & check the DNS value if it is changed already or not?
If ( (Get-ItemProperty -Path $RegistryPath -Name 'TcpReceivePacketSize').ToString() -ne 0xFF00 )
{
# Update the below Registry key value:
Subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
Value: TcpReceivePacketSize
Type: DWORD
Value data: 0xFF00
# Restart the DNS service after the succesful change
net stop dns
net start dns
Get-ItemProperty -Path $RegistryPath | Format-List
#Test the DNS server functionality, if no errors, generated from the below test, then all is good, exit script.
try
{
$testConnection = Test-Connection $domaincontroller -Count 1
If (($testConnection -ne "") -or ($testconnection -ne $null))
{
Test-DnsServer -IPAddress $ipV4
Test-DnsServer -IPAddress $ipV4 -Context Forwarder
Test-DnsServer -IPAddress $ipV4 -Context RootHints
Test-DnsServer -IPAddress $ipV4 -ZoneName $env:USERDOMAIN
}
else
{
Write-Host "$computername DNS test failed".
Exit
}
}
catch
{
Write-Output "Exception Type: $($_.Exception.GetType().FullName)"
Write-Output "Exception Message: $($_.Exception.Message)"
}
}
else
{
Write-Host "$computername DNS has been updated"
}
}
catch
{
Write-Output "Exception Type: $($_.Exception.GetType().FullName)"
Write-Output "Exception Message: $($_.Exception.Message)"
}
上面的脚本导致以下错误:
Exception Type: System.Management.Automation.PSArgumentException
Exception Message: Property TcpReceivePacketSize does not exist at path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters.
这是根据这篇文章: https: //support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability