ZackInMA
Run from an out-of-date Win10 host, Windows Defender disabled, firewall disabled, file and printer sharing enabled, no mitigation steps taken. Print spooler is running, and allowing inbound client...
Steps to reproduce: Set up a proxy that will allow you to observe the requests. BurpSuite or Zap would be fine for this. Run ffuf: ffuf -w /usr/share/seclists/Fuzzing/SQLi/Generic-BlindSQLi.fuzzdb.txt -u "https://www.mysite.com?q=FUZZ&legacy=false"...
Tested against a known vulnerable host. All the necessary dependencies in place. ──(kali㉿Kali1)-[~/…/Tools/Windows/PrintNightmare/PrintNightmare] └─$ python ./printnightmare.py -check 'offsec:[email protected]' 1 ⨯ Impacket v0.10.0 - Copyright 2022 SecureAuth Corporation [*] Target appears...