cve/2021/CVE-2021-36934.md

CVE-2021-36934

Description

An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker must have the ability to execute code on a victim system to exploit this vulnerability.

After installing this security update, you must manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerabilty. Simply installing this security update will not fully mitigate this vulnerability. See KB5005357- Delete Volume Shadow Copies.

POC

Reference

• http://packetstormsecurity.com/files/164006/HiveNightmare-AKA-SeriousSAM.html

Github

• https://github.com/0x0D1n/CVE-2021-36934
• https://github.com/0x7n6/OSCP
• https://github.com/0xStrygwyr/OSCP-Guide
• https://github.com/0xZipp0/OSCP
• https://github.com/0xsyk0/GoHiveShadow
• https://github.com/0xsyr0/OSCP
• https://github.com/20142995/sectool
• https://github.com/5thphlame/OSCP-NOTES-ACTIVE-DIRECTORY-1
• https://github.com/7hang/cyber-security-interview
• https://github.com/AMatheusFeitosaM/OSCP-Cheat
• https://github.com/ANON-D46KPH4TOM/Active-Directory-Exploitation-Cheat-Sheets
• https://github.com/ARPSyndicate/cvemon
• https://github.com/Amar224/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/Ascotbe/Kernelhub
• https://github.com/AshikAhmed007/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/BADR0b0t33/NSFW-Malware
• https://github.com/BADR0b0t33/PrintAttck
• https://github.com/BC-SECURITY/Moriarty
• https://github.com/ChristosSmiliotopoulos/Lateral-Movement-Dataset--LMD_Collections
• https://github.com/CrackerCat/HiveNightmare
• https://github.com/Cruxer8Mech/Idk
• https://github.com/EnriqueSanchezdelVillar/NotesHck
• https://github.com/Faizan-Khanx/OSCP
• https://github.com/FireFart/hivenightmare
• https://github.com/GossiTheDog/HiveNightmare
• https://github.com/HuskyHacks/ShadowSteal
• https://github.com/Jalexander798/JA_Tools-ActiveDirectory-Exploitation
• https://github.com/JoranSlingerland/CVE-2021-36934
• https://github.com/LPZsec/RedTeam-Articles
• https://github.com/Ly0nt4r/OSCP
• https://github.com/Mehedi-Babu/active_directory_chtsht
• https://github.com/Mikasazero/Cobalt-Strike
• https://github.com/Mohit0/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/Mr-xn/Penetration_Testing_POC
• https://github.com/NaInSec/CVE-PoC-in-GitHub
• https://github.com/Network-Sec/privATM
• https://github.com/OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POC
• https://github.com/Operational-Sciences-Group/Project-Beewolf
• https://github.com/Ostorlab/KEV
• https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
• https://github.com/P1rat3R00t/Why-so-Serious-SAM
• https://github.com/Preventions/CVE-2021-36934
• https://github.com/PuddinCat/GithubRepoSpider
• https://github.com/RNBBarrett/CrewAI-examples
• https://github.com/RP01XXX/internalpentesting
• https://github.com/ReflectedThanatos/OSCP-cheatsheet
• https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/SYRTI/POC_to_review
• https://github.com/SantoriuHen/NotesHck
• https://github.com/SenukDias/OSCP_cheat
• https://github.com/SexyBeast233/SecBooks
• https://github.com/SirElmard/ethical_hacking
• https://github.com/Sp00kySkelet0n/PyNightmare
• https://github.com/Sp00p64/PyNightmare
• https://github.com/T0mcat3r/ALinks
• https://github.com/TrojanAZhen/Self_Back
• https://github.com/VertigoRay/CVE-2021-36934
• https://github.com/ViniciusClement/OSCP_2025
• https://github.com/VishuGahlyan/OSCP
• https://github.com/Wh04m1001/VSSCopy
• https://github.com/WhooAmii/POC_to_review
• https://github.com/WiredPulse/Invoke-HiveDreams
• https://github.com/WiredPulse/Invoke-HiveNightmare
• https://github.com/YSayaovong/HiveNightmare
• https://github.com/YangSirrr/YangsirStudyPlan
• https://github.com/aymankhder/AD-esploitation-cheatsheet
• https://github.com/b4rtik/SharpKatz
• https://github.com/bytesizedalex/CVE-2021-36934
• https://github.com/cfalta/MicrosoftWontFixList
• https://github.com/chron1k/oxide_hive
• https://github.com/creeper-exe/creeper-exe
• https://github.com/crimsoncore/SharpKatz
• https://github.com/cube0x0/CVE-2021-36934
• https://github.com/cyb3rpeace/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/cyb3rpeace/HiveNightmare
• https://github.com/drerx/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/e-hakson/OSCP
• https://github.com/elinakrmova/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/eljosep/OSCP-Guide
• https://github.com/exfilt/CheatSheet
• https://github.com/exploitblizzard/CVE-2021-36934
• https://github.com/fazilbaig1/oscp
• https://github.com/firefart/hivenightmare
• https://github.com/geeksniper/windows-privilege-escalation
• https://github.com/grishinpv/poc_CVE-2021-36934
• https://github.com/guervild/BOFs
• https://github.com/hktalent/bug-bounty
• https://github.com/huike007/penetration_poc
• https://github.com/huisetiankong478/penetration_poc
• https://github.com/imanathauda/SeriousSam-Vulnerability-exploitation-and-mitigation
• https://github.com/imanbanda/SeriousSam-Vulnerability-exploitation-and-mitigation
• https://github.com/irissentinel/CVE-2021-36934
• https://github.com/izj007/wechat
• https://github.com/jitmondal1/OSCP
• https://github.com/jmaddington/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM
• https://github.com/jordanf17/PenTest-Report
• https://github.com/k8gege/Ladon
• https://github.com/kas0n/RedTeam-Articles
• https://github.com/kgwanjala/oscp-cheatsheet
• https://github.com/leoambrus/CheckersNomisec
• https://github.com/lions2012/Penetration_Testing_POC
• https://github.com/lyshark/Windows-exploits
• https://github.com/mr-r3b00t/HiveNigtmare
• https://github.com/mranv/adPentest
• https://github.com/mwarnerblu/GoHN
• https://github.com/n0-traces/cve_monitor
• https://github.com/n3tsurge/CVE-2021-36934
• https://github.com/nholuongut/active-directory-exploitation-cheat-sheet
• https://github.com/nitishbadole/oscp-note-3
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/noodlemctwoodle/MSRC-CVE-Function
• https://github.com/oscpname/OSCP_cheat
• https://github.com/parth45/cheatsheet
• https://github.com/plzheheplztrying/cve_monitor
• https://github.com/pwnlog/ALinks
• https://github.com/pwnlog/PAD
• https://github.com/pwnlog/PuroAD
• https://github.com/pwnlog/PurpAD
• https://github.com/pyonghe/HiveNightmareChecker
• https://github.com/rajbhx/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/retr0-13/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/revanmalang/OSCP
• https://github.com/rkreddyp/securitygpt
• https://github.com/rnbochsr/atlas
• https://github.com/rodrigosilvaluz/JUST_WALKING_DOG
• https://github.com/romarroca/SeriousSam
• https://github.com/rumputliar/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/s3mPr1linux/JUST_WALKING_DOG
• https://github.com/shaktavist/SeriousSam
• https://github.com/slaptat/GroupScripts
• https://github.com/soosmile/POC
• https://github.com/splunk-soar-connectors/microsoftdefenderforendpoint
• https://github.com/splunk-soar-connectors/windowsdefenderatp
• https://github.com/sponkmonk/Ladon_english_update
• https://github.com/taielab/awesome-hacking-lists
• https://github.com/tda90/CVE-2021-36934
• https://github.com/trhacknon/Pocingit
• https://github.com/txuswashere/OSCP
• https://github.com/txuswashere/Pentesting-Windows
• https://github.com/undefined-name12/Cheat-Sheet-Active-Directory
• https://github.com/websecnl/CVE-2021-36934
• https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
• https://github.com/wolf0x/HiveNightmare
• https://github.com/wolf0x/PSHiveNightmare
• https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet
• https://github.com/xhref/OSCP
• https://github.com/xuetusummer/Penetration_Testing_POC
• https://github.com/ycdxsb/WindowsPrivilegeEscalation
• https://github.com/zecool/cve