CVE-2020-1048

This PoC exploits CVE-2020-1048 (PrintDemon) by creating a malicious printer port and writing a DLL to disk, which is then executed with SYSTEM privileges upon restarting the spooler service. The exploit leverages the Windows Print Spooler's improper handling of port names to achieve local privilege escalation.

This repository provides a detailed writeup and proof-of-concept for CVE-2009-0229, a local privilege escalation vulnerability in the Windows Print Spooler service. The exploit leverages the 'Separator Page' feature to read arbitrary files by configuring a printer to use a malicious separator file.

This PoC exploits CVE-2020-1048, a Windows Print Spooler privilege escalation vulnerability, by creating a malicious printer port and writing a DLL to a privileged location. The exploit leverages the spooler service to achieve arbitrary file write with SYSTEM privileges.

This repository contains a functional exploit for CVE-2020-1048 (PrintDemon), which leverages a logic flaw in the Windows Print Spooler service to achieve arbitrary file writes as SYSTEM. The exploit overwrites PrintConfig.dll with a malicious payload, which is then loaded by spoolsv.exe to spawn a SYSTEM-level command shell.

This PoC exploits CVE-2020-1048, a privilege escalation vulnerability in the Windows Print Spooler service. It demonstrates how an attacker can abuse the printer driver installation and port addition process to achieve arbitrary file write, which can lead to local privilege escalation.

This Metasploit module exploits CVE-2020-1048, a local privilege escalation vulnerability in the Windows Print Spooler service. It leverages a file write vulnerability to overwrite a system DLL with a malicious payload, achieving persistent elevated privileges.

This repository contains a functional exploit for CVE-2020-1048, leveraging the Windows Print Spooler's improper handling of printer drivers to achieve local privilege escalation (LPE). The code demonstrates the creation of a malicious printer and port to exploit the vulnerability.