SHARE
TWEET

Test CVE-2020-0601 detection

bojanz Jan 15th, 2020 359 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Here's a simple way to test CVE-2020-0601 from PowerShell with the new tracing function CveEventWrite.
  2. It will generate an event in Windows Event Log, Application.
  3. Thanks to Didier Stevens for the idea.
  4.  
  5. $MemberDefinition = '[DllImport("advapi32.dll", CharSet = CharSet.Unicode)] public static extern long CveEventWrite(string CveId, string AdditionalDetails);'
  6. $Advapi32 = Add-Type -MemberDefinition $MemberDefinition -Name 'Advapi32' -Namespace 'Win32' -PassThru
  7. [Win32.Advapi32]::CveEventWrite("[CVE-2020-0601] cert validation", "CA: SANS ISC, sha1: d4d0713782626a7320e77967f1578b386257de1f")
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top