Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

CVE-2021-1675 PoC — Windows Print Spooler Remote Code Execution Vulnerability

Source
https://github.com/OppressionBreedsResistance/CVE-2021-1675-PrintNightmare
Associated Vulnerability
Title:Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-1675)
Description:Windows Print Spooler Remote Code Execution Vulnerability
Description
Working PowerShell POC
Readme
# CVE-2021-1675-PrintNightmare
Working PowerShell POC

Powershell script is copied from https://github.com/calebstewart/CVE-2021-1675
Respect for Caleb Stewart and John Hammond. 


I just wanted to have working poc close at hand. Ive added my custom DLL and an obfuscated version of powershell script. 

Obfuscated script loads DLL named "printed.dll" from "C:\windows\tracing" directory.
File Snapshot

 [4.0K]  /data/pocs/13915b6c5971ec2365b69563b36649a03d364090
├── [4.0K]  MyDLL2
│   ├── [ 421]  MyDLL2.cpp
│   ├── [ 617]  MyDLL2.h
│   ├── [6.9K]  MyDLL2.vcxproj
│   ├── [1.0K]  MyDLL2.vcxproj.filters
│   ├── [174K]  printer_clean.ps1
│   └── [171K]  printer_obf.ps1
├── [1.4K]  MyDLL2.sln
└── [ 390]  README.md

1 directory, 8 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →