CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527 (by cube0x0)
PrintNightmare
By afwu
Our great sponsors
| CVE-2021-1675 | PrintNightmare | |
|---|---|---|
| 7 | 7 | |
| 1,791 | 809 | |
| - | - | |
| 0.0 | 3.8 | |
| almost 3 years ago | almost 3 years ago | |
| C# | ||
| - | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CVE-2021-1675
Posts with mentions or reviews of CVE-2021-1675.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-07-02.
-
Researchers accidentally release exploit code for new Windows ‘zero-day’ bug PrintNightmare
Thst is the advice until they release a patch, which I would assume will be Tuesday... but we'll see. I also read turning UAC on prevents the exploit from working. If the print spooler isn't available remotely, then it is just an LPE vuln . You can get more details here https://github.com/cube0x0/CVE-2021-1675. And yeah this is hard cause every company does printing differently, definitely remove from your DCs asap though.
- C# and Impacket implementation of CVE-2021-1675/PrintNightmare
-
Help - attempting to replicate CVE-2021-1675 print nightmare
i Tried this (https://github.com/cube0x0/CVE-2021-1675) and its worked.
- cube0x0/CVE-2021-1675
- Impacket implementation of CVE-2021-1675
- PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
PrintNightmare
Posts with mentions or reviews of PrintNightmare.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-07-08.
- Sorry but I'm confused as how to mitigate PrintNightmare
-
latest vulnerability without patch]
[(https://github.com/afwu/PrintNightmare)
-
Critical Vulnerability: PrintNightmare Exposes Windows Servers to Remote Code Execution
Based on this writeup of the exploit https://github.com/afwu/PrintNightmare I think it should actually prevent an attack since it would stop the malicous driver from being loaded onto the target but it's probably the best to wait for the guys at huntress when they get a little more breathing space with Kaseya.
-
Microsoft Tries, Fails to Patch Critical Windows Vulnerability. Chaos Ensues
It is exploited by calling a remote procedure call function called rpcAddPrinterDriver. There is a buggy check that lets a user without the adequate privileges to load a driver on the remote system.
Since remote functions can be called locally as well, this is both a remote code execution (RCE) and local privilege escalation (LPE). For more information, see the original source: https://github.com/afwu/PrintNightmare
- PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
- afwu/PrintNightmare
What are some alternatives?
When comparing CVE-2021-1675 and PrintNightmare you can also consider the following projects:
Metasploit - Metasploit Framework
sigma - Main Sigma Rule Repository
mimikatz - A little tool to play with Windows security
ItWasAllADream - A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE
CVE-2021-1675 - Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
WinPwn - Automation for internal Windows Penetrationtest / AD-Security