updated readme

Signed-off-by: cube0x0 <vidfelt@protonmail.com>
pull/21/head
cube0x0 3 years ago
parent 6c519f9c9c
commit 2f4b1def94
  1. 27
      README.md

@ -19,7 +19,7 @@ cd impacket
python3 ./setup.py install
```
#### CVE-2021-1675.py
### CVE-2021-1675.py
```
usage: CVE-2021-1675.py [-h] [-hashes LMHASH:NTHASH] [-target-ip ip address] [-port [destination port]] target share
@ -84,3 +84,28 @@ REG ADD "HKLM\System\CurrentControlSet\Control\Lsa" /v RestrictAnonymous /t REG_
# Reboot
```
### Scanning
We can use `rpcdump.py` from impacket to scan for vulnerable hosts, if it returns a value, it's vulnerable
```
rpcdump.py @192.168.1.10 | grep MS-RPRN
Protocol: [MS-RPRN]: Print System Remote Protocol
```
### Mitigation
Disable Spooler service
```powershell
Stop-Service Spooler
REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\Spooler" /v "Start " /t REG_DWORD /d "4" /f
```
Or Uninstall Print-Services
```powershell
Uninstall-WindowsFeature Print-Services
```
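Review bot: In the Mitigation block, the value name in `REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\Spooler" /v "Start " /t REG_DWORD /d "4" /f` has a trailing space inside the quotes, so the command would write a new value named "Start " and leave the service's real `Start` value unchanged; the Spooler would then still start at the next boot if it was set to start automatically. Use `/v "Start"`, or `Set-Service Spooler -StartupType Disabled`, since the fence is already tagged powershell. Separately, in the Scanning text, "if it returns a value, it's vulnerable" overstates what the grep shows: the `Protocol: [MS-RPRN]: Print System Remote Protocol` line only indicates that the print spooler's RPC interface is registered and reachable, not the host's patch level. Wording such as "the spooler is exposed and the host may be vulnerable" would match what the command actually checks.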
