Tags: powershell, dns, powershell-remoting, powershell-7.0

Updating specific registry entry using Powershell and Try/Catch?


I need some assistance to modify the rough script below to:

  1. Check whether the registry value exists or not before changing it.
  2. Update the specific registry key.
  3. Restart the DNS service only.
  4. Test DNS functionality using built-in PowerShell and then exit the script when all is good with no errors.

Script: https://pastebin.com/jm34bssi

Import-Module DnsServer

try
{
    # Registry path written without a PowerShell drive or provider prefix (this is what produces the error below)
    $RegistryPath = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
    $ipV4 = (Test-Connection -ComputerName $env:COMPUTERNAME -Count 1).IPV4Address.IPAddressToString
    # assumption: the domain controller to ping is the logon server of the current session
    $domaincontroller = $env:LOGONSERVER.TrimStart('\')

    # Test & check whether the DNS value has already been changed or not
    If ( (Get-ItemProperty -Path $RegistryPath -Name 'TcpReceivePacketSize').TcpReceivePacketSize -ne 0xFF00 )
    {
        # Update the below registry value:
        #   Subkey:     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
        #   Value:      TcpReceivePacketSize
        #   Type:       DWORD
        #   Value data: 0xFF00
        Set-ItemProperty -Path $RegistryPath -Name 'TcpReceivePacketSize' -Value 0xFF00 -Type DWORD

        # Restart only the DNS service after the successful change
        Restart-Service -Name DNS -Force

        Get-ItemProperty -Path $RegistryPath | Format-List

        # Test the DNS server functionality; if the tests below generate no errors, all is good, exit script.
        try
        {
            $testConnection = Test-Connection $domaincontroller -Count 1
            If ($null -ne $testConnection)
            {
                Test-DnsServer -IPAddress $ipV4
                Test-DnsServer -IPAddress $ipV4 -Context Forwarder
                Test-DnsServer -IPAddress $ipV4 -Context RootHints
                Test-DnsServer -IPAddress $ipV4 -ZoneName $env:USERDOMAIN
            }
            else
            {
                Write-Host "$env:COMPUTERNAME DNS test failed"
                Exit
            }
        }
        catch
        {
            Write-Output "Exception Type: $($_.Exception.GetType().FullName)"
            Write-Output "Exception Message: $($_.Exception.Message)"
        }

    }
    else
    {
        Write-Host "$env:COMPUTERNAME DNS has been updated"
    }
}
catch
{
    Write-Output "Exception Type: $($_.Exception.GetType().FullName)"
    Write-Output "Exception Message: $($_.Exception.Message)"
}

The script above causes the below error:

Exception Type: System.Management.Automation.PSArgumentException
Exception Message: Property TcpReceivePacketSize does not exist at path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters.

This is as per this article: https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability


Solution

  • To use PowerShell cmdlets to Get or Set registry entries, you need to either use the PowerShell drive name HKLM:

    HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters
    

    or prepend the provider Registry:: (double colon) in front of the long hive name:

    Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
    

    See Note

    $RegistryPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
    
    # try and get the property 'TcpReceivePacketSize'
    $property = Get-ItemProperty -Path $RegistryPath -Name 'TcpReceivePacketSize' -ErrorAction SilentlyContinue
    if (!$property) {
        Write-Host "Creating new property 'TcpReceivePacketSize'"
        # create the registry path if not already exists
        if (!(Test-Path -Path $RegistryPath)) {
            $null = New-Item -Path $RegistryPath -Force
        }
        # set the property TcpReceivePacketSize to the wanted value
        $null = New-ItemProperty -Path $RegistryPath -Name 'TcpReceivePacketSize' -Value 0xFF00 -Type DWORD
    }
    elseif ([int]$property.TcpReceivePacketSize -ne 0xFF00) {
        # the property was found, but the value needs to be set to 0xFF00
        Write-Host "Updating property 'TcpReceivePacketSize'"
        Set-ItemProperty -Path $RegistryPath -Name 'TcpReceivePacketSize' -Value 0xFF00 -Type DWORD
    }
    
    
    # do the rest of your Dns testing here
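The following is an added example, not code from the question or the answer above. It carries the answer's existence check through to the four steps the question asks for: an idempotent read-check-set of the DWORD under the HKLM: drive, a readback so a failed write is not reported as success, a restart of only the DNS Server service, and Test-DnsServer checks whose Result property decides the exit code. It assumes the DNS server role (DnsServer module) is installed, that the script runs elevated, that the server's first IPv4 address is the one to test, and that $env:USERDOMAIN names a zone this server hosts; none of those assumptions come from the page.

```powershell
#Requires -RunAsAdministrator
# Added example (not the original post's or answer's code).
[CmdletBinding(SupportsShouldProcess)]
param(
    [string] $RegistryPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters',
    [string] $ValueName    = 'TcpReceivePacketSize',
    [uint32] $WantedValue  = 0xFF00,
    [string] $ZoneName     = $env:USERDOMAIN   # assumption: this server is authoritative for it
)

$ErrorActionPreference = 'Stop'

function Get-RegistryDword {
    param([string] $Path, [string] $Name)
    # Returns $null when the key or the value is missing instead of throwing,
    # so "absent" and "present but wrong" can be told apart.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [uint32] $item.$Name
}

try {
    # 1. Check whether the value already exists and already has the wanted data.
    $current = Get-RegistryDword -Path $RegistryPath -Name $ValueName
    if ($current -eq $WantedValue) {
        Write-Host "$env:COMPUTERNAME : $ValueName already 0x$('{0:X}' -f $current); nothing to do."
        exit 0
    }

    # 2. Create or update the DWORD (supports -WhatIf through ShouldProcess).
    if ($PSCmdlet.ShouldProcess("$RegistryPath\$ValueName", "set to 0x$('{0:X}' -f $WantedValue)")) {
        if (-not (Test-Path -Path $RegistryPath)) {
            $null = New-Item -Path $RegistryPath -Force
        }
        if ($null -eq $current) {
            $null = New-ItemProperty -Path $RegistryPath -Name $ValueName -Value $WantedValue -PropertyType DWord
        } else {
            Set-ItemProperty -Path $RegistryPath -Name $ValueName -Value $WantedValue -Type DWord
        }
        # Read the value back: a silent write failure must not look like a successful change.
        $after = Get-RegistryDword -Path $RegistryPath -Name $ValueName
        if ($after -ne $WantedValue) {
            throw "Readback of $ValueName returned '$after', expected 0x$('{0:X}' -f $WantedValue)"
        }

        # 3. Restart only the DNS Server service so the new parameter is loaded.
        Restart-Service -Name DNS -Force
        (Get-Service -Name DNS).WaitForStatus('Running', [TimeSpan]::FromSeconds(60))
    }

    # 4. Functional checks against this server's own IPv4 address.
    Import-Module DnsServer
    $ipV4 = [System.Net.Dns]::GetHostAddresses($env:COMPUTERNAME) |
        Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
        Select-Object -First 1
    if ($null -eq $ipV4) { throw "No IPv4 address found for $env:COMPUTERNAME" }

    $checks = @(
        @{ Label = 'server';           Params = @{ IPAddress = $ipV4 } }
        @{ Label = 'forwarder';        Params = @{ IPAddress = $ipV4; Context = 'Forwarder' } }
        @{ Label = 'root hints';       Params = @{ IPAddress = $ipV4; Context = 'RootHints' } }
        @{ Label = "zone $ZoneName";   Params = @{ IPAddress = $ipV4; ZoneName = $ZoneName } }
    )
    $failed = 0
    foreach ($check in $checks) {
        $p = $check.Params
        $result = Test-DnsServer @p
        Write-Host ('{0,-18} {1}' -f $check.Label, $result.Result)
        if ($result.Result -ne 'Success') { $failed++ }
    }
    if ($failed -gt 0) {
        Write-Warning "$env:COMPUTERNAME : $failed DNS check(s) did not return Success."
        exit 1
    }
    Write-Host "$env:COMPUTERNAME : $ValueName set to 0x$('{0:X}' -f $WantedValue) and DNS checks passed."
    exit 0
}
catch {
    Write-Error "Exception Type: $($_.Exception.GetType().FullName)`nException Message: $($_.Exception.Message)"
    exit 2
}
```

Run it once as `.\Set-DnsTcpReceivePacketSize.ps1 -WhatIf` to see which key and value would be written without touching the registry, then without `-WhatIf` to apply the change; the distinct exit codes (0 nothing to do or success, 1 a DNS check failed, 2 an exception) let a deployment tool or remoting job tell the three outcomes apart.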