Hi everyone!.
So far so good in this post i perform a local privilege escalation with the knowledge vulnerability of 2021.
Printnightmare
A non administrative user could create a new printer driver:
CVE-2021-1675 - CVE-2021-34527
https://github.com/ly4k/PrintNightmare
https://github.com/calebstewart/CVE-2021-1675
└─$ python3 printnightmare.py -check "Administrator:Passw0rd1@10.0.2.22"
Impacket v0.9.24.dev1+20211015.125134.c0ec6102 - Copyright 2021 SecureAuth Corporation
[*] Target appears to be vulnerable!
Validate sharing printers from external attacker machine to the target server:
Execute privilege scalation exploit on the target system:
Verify from psexec exeternal connection using smb protocol writing on C$:
And this is all, for this kind of attack i hope that all the companies apply the recommended vendor patches!!.
best reagrds, f0ns1
No comments:
Post a Comment