关联漏洞
标题:
Microsoft Windows Print Spooler Components 安全漏洞
(CVE-2021-34527)
描述:Microsoft Windows Print Spooler Components是美国微软(Microsoft)公司的一个打印后台处理程序组件。 Microsoft Windows Print Spooler Components 存在安全漏洞,攻击者可以通过该漏洞绕过PfcAddPrinterDriver的安全验证,并在打印服务器中安装恶意的驱动程序。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1
描述
A patch for PrintNightmare vulnerability that occurs to print spooler service for Windows machines [CVE-2021-34527]
介绍
# Introduction
PrintNightmare-Patcher, a simple tool that resolves the PrintNightmare vulnerability, which occurs to print spooler service for Windows machines [CVE-2021-34527]. In addition, it checks if your system has the relevant security update for it or not.
# Installation
```
git clone https://github.com/0xirison/PrintNightmare-Patcher.git
```
# Usage
```
python printnightmare-patcher.py
```
# Dependencies
No dependencies required
# Features
- Check if the windows system is vulnerable to PrintNightmare or not.
- Check if the Print Spooler service is running or not, and disable it if running.
- Check if the system has an update for PrintNightmare vulnerability "Hotfix-id: KB5004954", and try it to install it if it is not already installed.
- Changing the registry key 'PointAndPrint' settings as Microsoft suggests.
# Does it require elevated privileges?
Yes, it requires administrative privileges
# References
- Windows Print Spooler Remote Code Execution Vulnerability by [Microsoft](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527)
- Windwos Security Update 'KB5004954' by [Microsoft](https://support.microsoft.com/en-us/topic/july-6-2021-kb5004954-monthly-rollup-out-of-band-8e7742b6-8a42-41ab-86dd-0dd0b36b4139)
# Screenshot
文件快照
[4.0K] /data/pocs/343c20f1899045ced9f6685f61cbf45101690668
├── [1.0K] LICENSE
├── [6.2K] printnightmare-patcher.py
└── [1.3K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。