Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-34527 PoC — Microsoft Windows Print Spooler Components 安全漏洞

Source
https://github.com/syntaxbearror/PowerShell-PrintNightmare
Associated Vulnerability
Title:Microsoft Windows Print Spooler Components 安全漏洞 (CVE-2021-34527)
Description:Microsoft Windows Print Spooler Components是美国微软(Microsoft)公司的一个打印后台处理程序组件。 Microsoft Windows Print Spooler Components 存在安全漏洞,攻击者可以通过该漏洞绕过PfcAddPrinterDriver的安全验证,并在打印服务器中安装恶意的驱动程序。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1
Description
A collection of scripts to help set the appropriate registry keys for CVE-2021-34527
Readme
# PowerShell-PrintNightmare
A collection of scripts to help set the appropriate registry keys for CVE-2021-34527 shared as part of our blogs outlining various mitigation options. 

servers.ps1 contains the registry settings related to PointAndPrint. You still need to install the patch!
workstations.ps1 is more a hardening script to blocking inbound remote printing on devices you don't want to share / host printers.

Read more on our blogs or broader / alternative methods over at https://www.syntaxbearror.io/blog/printnightmare-part-ii-print-spooler-remains-vulnerable-across-windows/

For the blog that referenced this repository, view it at https://www.syntaxbearror.io/blog/printnightmare-part-iii-patching-remediation/
File Snapshot

 [4.0K]  /data/pocs/cd96abe78df911e542027d9e0375ef70b7174ca5
├── [ 728]  README.md
├── [2.0K]  servers.ps1
└── [1.1K]  workstations.ps1

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.