𝐋𝐔𝐂𝐈𝐅𝐄𝐑'𝐒-𝐖𝐎𝐑𝐋𝐃

2021-10-07 14:33:41 •.¸♡ [#AnonymousDeviL ] ♡¸.•

PrintNightmare (CVE-2021-1675) - Execute malicious DLLs on Windows targets as SYSTEM
Included in the SpoolSploit container is an SMB server implemented via Impacket (https://github.com/SecureAuthCorp/impacket). This server can be used to host malicious DLLs when executing the printnightmare attack in SpoolSploit. The default SMB server settings work, but if you want to customize them you can modify the configuration file located at /home/dlogmas/smbserver/smb-v1.conf.The only thing you need to do is copy your DLL to the SMB server's share folder in the SpoolSploit container. The share path in the container is /home/dlogmas/smbserver/share/. The following commands demonstrate how to upload a DLL to the SpoolSploit container and make it accessible to the SMB server.sudo docker cp ./malicious.dll spoolsploit:/home/dlogmas/smbserver/share/
sudo docker exec spoolsploit /bin/sh -c 'sudo chown dlogmas:dlogmas /home/dlogmas/smbserver/share/malicious.dll' Open / Comment

2021-10-07 14:33:34 •.¸♡ [#AnonymousDeviL ] ♡¸.•

A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
Summary
SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials (https://www.kitploit.com/search/label/Credentials) to escalate privileges and execute malicious DLLs on endpoints (https://www.kitploit.com/search/label/Endpoints) with full system access. Open / Comment

2021-10-07 14:33:29 •.¸♡ [#AnonymousDeviL ] ♡¸.•

Disclaimer
This proof-of-concept code has been created for academic research and is not intended to be used against systems except where explicitly authorized. The code is provided as is with no guarantees or promises on its execution. I am not responsible or liable for misuse of this code.
Credits

SpoolSample - Microsoft (https://www.kitploit.com/search/label/Microsoft) Feature
leechristensen (https://github.com/leechristensen/SpoolSample) discovered the SpoolSample exploit and created a C# POC SpoolSample (https://github.com/leechristensen/SpoolSample/tree/master/SpoolSample)3xocyte (https://gist.github.com/3xocyte) created a Python2 SpoolSample POC dementor (https://gist.github.com/3xocyte/cfaf8a34f76569a8251bde65fe69dccc#file-dementor-py).
PrintNightmare - CVE-2021-1675 / CVE-2021-34527
cube0x0 (https://github.com/cube0x0) created Python PrintNightmare exploit after implementing the MS-PAR & MS-RPRN protocols and API calls in Impacket (https://github.com/SecureAuthCorp/impacket).Zhiniang Peng (https://twitter.com/edwardzpeng) & Xuefeng Li (https://twitter.com/lxf02942370) discovered this exploit.

Download SpoolSploit (https://github.com/BeetleChunks/SpoolSploit) Open / Comment

2021-10-07 14:33:25 •.¸♡ [#AnonymousDeviL ] ♡¸.• Open / Comment

2021-10-07 14:33:24 •.¸♡ [#AnonymousDeviL ] ♡¸.• Open / Comment