.. / CVE-2021-1675

Exploit for Microsoft Windows Print Spooler service - Authenticated Remote Code Execution, Local Privilege Escalation (PrintNightmare, CVE-2021-1675)

Description:

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Affected Products:

Windows 7
Windows 8.1
Windows 10
Windows 11
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022

Proof of Concept

PoC exploit

Try the exploit in a lab environment:

Lab	Machine	Link
Hack The Box	Atom	Go to Practice
Hack The Box	Driver	Go to Practice

References:

https://nvd.nist.gov/vuln/detail/CVE-2021-1675
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1675
https://itm4n.github.io/printnightmare-exploitation/
https://www.hackthebox.com/blog/windows-protocols-python
https://pentestlab.blog/2021/08/17/domain-escalation-printnightmare/
https://github.com/outflanknl/PrintNightmare