CVE-2021-34527

This repository contains a Python-based scanner for CVE-2021-34527 (PrintNightmare) that checks for vulnerability over MS-PAR and MS-RPRN protocols without exploiting the hosts. It generates a CSV report with results.

This repository contains a functional PowerShell script that exploits CVE-2021-34527 (PrintNightmare) to achieve local privilege escalation by adding a new local administrator user or executing a custom DLL as NT AUTHORITY\SYSTEM. The exploit leverages the Windows Print Spooler service to load a malicious driver.

This repository contains a functional exploit for CVE-2021-34527 (PrintNightmare), which leverages the Windows Print Spooler service to achieve remote code execution (RCE) via crafted RPC calls to add a malicious printer driver. The exploit includes Python and C++ implementations, demonstrating the vulnerability by copying a DLL to a remote system and executing it.

This repository contains a functional Python exploit for CVE-2021-34527, leveraging the Print Spooler service to achieve remote code execution via a crafted driver installation. The exploit includes an SMB server for staging payloads and uses DCERPC for communication with the target.

This repository contains a functional exploit for CVE-2021-34527, leveraging the AddPrinterDriverEx() API to escalate privileges to SYSTEM by loading a malicious DLL into spoolsv.exe. The exploit includes cleanup mechanisms and is designed for Windows Desktop and Server versions.

The repository contains only a vague README with no technical details or exploit code, instead using buzzwords and referencing external CVEs without providing any substantive analysis or PoC.

This repository provides a PowerShell script and documentation for mitigating the PrintNightmare vulnerability (CVE-2021-34527) by applying registry modifications and service configurations. It does not contain exploit code but offers technical guidance on remediation.

This repository contains a functional exploit for CVE-2021-34527, a vulnerability in the Windows Print Spooler service. The exploit leverages the RpcAddPrinterDriverEx function to achieve remote code execution by manipulating printer driver configurations.

This repository contains a Python script that scans for the PrintNightmare vulnerability (CVE-2021-34527) by checking for the presence of security updates, registry settings, and the status of the Print Spooler service. It also attempts to mitigate the vulnerability by disabling the service and updating registry keys.

This repository contains PowerShell scripts to exploit CVE-2021-34527 (PrintNightmare) by modifying ACLs on the Windows Print Spooler directory to grant or deny SYSTEM access, enabling privilege escalation or lateral movement. The scripts include functionality to backup, restore, and manipulate permissions on the spooler directory.

This repository provides a workaround for CVE-2021-34527 (Windows Print Spooler RCE) by disabling the RegisterSpoolerRemoteRpcEndPoint registry entry. It includes detailed instructions for manual mitigation via Group Policy Editor.

The repository contains PowerShell scripts for detecting and remediating registry settings related to CVE-2021-34527 (PrintNightmare). It does not include exploit code but provides detection and mitigation tools.

This repository contains a functional PowerShell script that exploits CVE-2021-34527 (PrintNightmare) to achieve local privilege escalation by adding a new local administrator user or executing a custom DLL as NT AUTHORITY\SYSTEM. The exploit leverages the Windows Print Spooler service to load a malicious DLL.

This repository contains a functional PowerShell exploit for CVE-2021-34527 (PrintNightmare), which leverages a vulnerability in the Windows Print Spooler service to achieve local privilege escalation (LPE) by loading a malicious DLL. The exploit includes a custom DLL payload that creates a new local administrator user with a specified password.

This repository does not contain actual exploit code but instead provides a GitLab CI pipeline to build an external exploit (SharpPrintNightmare) and directs users to download the binary from an external source. The README lacks technical details about CVE-2021-34527 and serves as a redirect to another repository.

This repository contains a functional PowerShell script that exploits CVE-2021-34527 (PrintNightmare) to achieve local privilege escalation by adding a new local administrator user or executing a custom DLL as NT AUTHORITY\SYSTEM. The exploit leverages the Windows Print Spooler service to load a malicious driver.

This repository contains a Python script that detects brute-force attacks by monitoring network traffic for repeated login attempts (e.g., FTP USER/PASS commands) using Scapy. It logs packets to PCAP and CSV files but does not exploit CVE-2021-34527.

This repository contains a functional Python script that sends a crafted SMB payload to exploit CVE-2021-34527 (PrintNightmare). The payload is designed to trigger the vulnerability via SMB port 445.

This repository provides PowerShell scripts to mitigate CVE-2021-34527 (PrintNightmare) by setting registry keys to restrict printer driver installation and block remote printing. It includes technical details on registry modifications and references external blogs for deeper analysis.

This repository contains PowerShell scripts to mitigate CVE-2021-34527 (PrintNightmare) by disabling the Print Spooler service and modifying ACLs to prevent driver installation. The scripts are functional and directly address the vulnerability by blocking exploit paths.

This repository provides PowerShell scripts to mitigate CVE-2021-34527 (PrintNightmare) by modifying ACLs to deny write permissions to the printer drivers directory. It includes scripts to apply and rollback the mitigation, along with a detailed explanation of its effectiveness.

The repository contains only a minimal README with a CVE reference and no functional exploit code or technical details. It appears to be a placeholder without substantive content.

This PowerShell script mitigates CVE-2021-34527 (PrintNightmare) by disabling the Print Spooler service and blocking remote RPC endpoints. It provides options to temporarily or permanently re-enable the service for printing tasks.

This repository contains a simple batch script to disable the Microsoft Print Spooler service as a mitigation for CVE-2021-34527 (PrintNightmare). It does not include an exploit PoC or technical analysis of the vulnerability.

The repository contains PowerShell scripts that scan for the state of the Print Spooler service across domain controllers in an Active Directory environment. It does not exploit CVE-2021-34527 but checks for the service status, which could be used to identify vulnerable systems.

This Metasploit module exploits CVE-2021-34527 (PrintNightmare) by abusing the Print Spooler service to load a malicious DLL via a crafted DCERPC request, achieving remote code execution as NT AUTHORITY\SYSTEM.

This repository contains a functional PowerShell exploit for CVE-2021-1675 (PrintNightmare), which allows local privilege escalation by adding a new local administrator user via a malicious printer driver. The exploit includes a custom DLL payload and leverages the Windows Print Spooler service to execute arbitrary code as NT AUTHORITY\SYSTEM.

This repository contains a functional exploit for CVE-2021-34527 (PrintNightmare), which leverages the Windows Print Spooler service to achieve remote code execution by loading a malicious DLL. The exploit uses the AddPrinterDriverExW API to trigger the vulnerability and requires a SMB server to host the payload.

This repository contains a functional Python exploit for CVE-2021-34527 (PrintNightmare), leveraging Impacket to achieve remote code execution via the Windows Print Spooler service. The exploit supports multiple modes, including DLL injection, vulnerability checking, and driver enumeration.

This repository contains a functional Python exploit for CVE-2021-34527 (PrintNightmare), which leverages the Windows Print Spooler service to achieve remote code execution via a malicious DLL. The exploit uses the MS-RPRN protocol to manipulate printer driver configurations and execute arbitrary code.