CVE-2021-34527 PoC — Microsoft Windows Print Spooler Components 安全漏洞

Source

Associated Vulnerability

Description

Fix for PrintNightmare CVE-2021-34527

Readme

# Printnightmare
Fix for PrintNightmare CVE-2021-34527

![Printnightmare](https://raw.githubusercontent.com/Eutectico/Printnightmare/main/PrintNightmare.png)


## Run disable-spooler.ps1 file as administrator to disable spooler  
```
powershell.exe -executionpolicy bypass -file .\disable-spooler.ps1
```

## For batch disabling, make a server list with the names of all your servers (e.g. serverlist.txt) and run the file disable-spooler.cmd as administrator to disable the spooler on all your servers  
```
powershell.exe -executionpolicy bypass -file .\disable-spooler.cmd
```


## Run deny-drivers.ps1 file as administrator to prevent exploits from being installed
```
powershell.exe -executionpolicy bypass -file .\deny-drivers.ps1
```

## Run the allow-drivers.ps1 file as administrator to reactivate driver installation
```
powershell.exe -executionpolicy bypass -file .\allow-drivers.ps1
```

File Snapshot

 [4.0K]  /data/pocs/bc324c248a60d6d77704d68ab1da7a15cdbb3a40
├── [ 285]  allow-drivers.ps1
├── [ 282]  deny-drivers.ps1
├── [ 574]  disable-spooler.cmd
├── [ 148]  disable-spooler.ps1
├── [1.0K]  LICENSE
├── [138K]  PrintNightmare.png
├── [ 900]  README.md
└── [  36]  serverlist.txt

0 directories, 8 files

Remarks