admin/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2025-06-20 09:50:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

add CVE-2021-1675 Windows Print Spooler远程代码执行漏洞

Browse Source
This commit is contained in:
Mrxn 2021-06-30 22:48:16 +08:00
parent 72031226ab
commit 29848cb1e2
2 changed files with 112 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
CVE-2021-1675.md Normal file
View File

@ -0,0 +1,110 @@
## CVE-2021-1675 Windows Print Spooler远程代码执行漏洞
### 简介
Windows Print Spooler是Windows的打印机后台处理程序广泛的应用于各种内网中。
2021年6月Windows官方发布安全更新其中修复了 CVE-2021-1675 Windows Print Spooler远程代码执行漏洞。
2021年6月29日安全研究人员在GitHub上公开了Windows Print Spooler远程代码执行漏洞POC。攻击者可以通过该漏洞绕过PfcAddPrinterDriver的安全验证并在打印服务器中安装恶意的驱动程序若攻击者所控制的用户在域中则攻击者可以连接到DC中的Spooler服务并利用该漏洞在DC中安装恶意的驱动程序完整的控制整个域环境。
### 影响版本
> Windows Server 2019 (Server Core installation)
>
> Windows Server 2019
>
> Windows Server 2016 (Server Core installation)
>
> Windows Server 2016
>
> Windows Server 2012 R2 (Server Core installation)
>
> Windows Server 2012 R2
>
> Windows Server 2012 (Server Core installation)
>
> Windows Server 2012
>
> Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
>
> Windows Server 2008 R2 for x64-based Systems Service Pack 1
>
> Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
>
> Windows Server 2008 for x64-based Systems Service Pack 2
>
> Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
>
> Windows Server 2008 for 32-bit Systems Service Pack 2
>
> Windows Server, version 2004 (Server Core installation)
>
> Windows RT 8.1
>
> Windows 8.1 for x64-based systems
>
> Windows 8.1 for 32-bit systems
>
> Windows 7 for x64-based Systems Service Pack 1
>
> Windows 7 for 32-bit Systems Service Pack 1
>
> Windows 10 Version 1607 for x64-based Systems
>
> Windows 10 Version 1607 for 32-bit Systems
>
> Windows 10 for x64-based Systems
>
> Windows 10 for 32-bit Systems
>
> Windows Server, version 20H2 (Server Core Installation)
>
> Windows 10 Version 20H2 for ARM64-based Systems
>
> Windows 10 Version 20H2 for 32-bit Systems
>
> Windows 10 Version 20H2 for x64-based Systems
>
> Windows 10 Version 2004 for x64-based Systems
>
> Windows 10 Version 2004 for ARM64-based Systems
>
> Windows 10 Version 2004 for 32-bit Systems
>
> Windows 10 Version 21H1 for 32-bit Systems
>
> Windows 10 Version 21H1 for ARM64-based Systems
>
> Windows 10 Version 21H1 for x64-based Systems
>
> Windows 10 Version 1909 for ARM64-based Systems
>
> Windows 10 Version 1909 for x64-based Systems
>
> Windows 10 Version 1909 for 32-bit Systems
>
> Windows 10 Version 1809 for ARM64-based Systems
>
> Windows 10 Version 1809 for x64-based Systems
>
> Windows 10 Version 1809 for 32-bit Systems
### 处置建议
1、及时更新Windows安全补丁可登录阿里云云安全中心使用漏洞修复模块进行一键检测与修复。
2、在服务应用services.msc中禁用 Print Spooler服务。
### 相关链接
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1675
### POC 链接
https://github.com/afwu/PrintNightmare
https://github.com/cube0x0/CVE-2021-1675

2
README.md
View File

@ -345,6 +345,8 @@
- [【Linux提权】CVE-2021-3560 Local PrivEsc Exploit](https://github.com/swapravo/polkadots)
- [CVE-2021-1675 Windows Print Spooler远程代码执行漏洞](./CVE-2021-1675.md)
## <span id="head7"> tools-小工具集版本合</span>
- [java环境下任意文件下载情况自动化读取源码的小工具](https://github.com/Artemis1029/Java_xmlhack)