CVE-2021-1675
WinPwn
Our great sponsors
CVE-2021-1675 | WinPwn | |
---|---|---|
7 | 1 | |
1,791 | 3,182 | |
- | - | |
0.0 | 5.3 | |
almost 3 years ago | 3 months ago | |
C# | PowerShell | |
- | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CVE-2021-1675
-
Researchers accidentally release exploit code for new Windows ‘zero-day’ bug PrintNightmare
Thst is the advice until they release a patch, which I would assume will be Tuesday... but we'll see. I also read turning UAC on prevents the exploit from working. If the print spooler isn't available remotely, then it is just an LPE vuln . You can get more details here https://github.com/cube0x0/CVE-2021-1675. And yeah this is hard cause every company does printing differently, definitely remove from your DCs asap though.
- C# and Impacket implementation of CVE-2021-1675/PrintNightmare
-
Help - attempting to replicate CVE-2021-1675 print nightmare
i Tried this (https://github.com/cube0x0/CVE-2021-1675) and its worked.
- cube0x0/CVE-2021-1675
- Impacket implementation of CVE-2021-1675
- PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
WinPwn
What are some alternatives?
Metasploit - Metasploit Framework
reconness - ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
mimikatz - A little tool to play with Windows security
PowerShellKeePass - PowerShell 5 module for KeePass manipulation
ItWasAllADream - A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE
cobalt-arsenal - My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
CVE-2021-1675 - Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
PrintNightmare
PowerShell - PowerShell scripts for Mick's IT Blogs
laravel-system-helpers - Scripts for making basic Laravel project setup more convenient with OS-native utilities (PowerShell and Bash)
PSMDATP - PowerShell Module for managing Microsoft Defender Advanced Threat Protection