We covered a scenario of gaining access to a windows server machine with vulnerable printer software. We gained the first shell by exploiting a weakness in the SMB protocol to obtain net-ntlmv2 hash by which we were able to login via Evil-Winrm. We performed windows privilege escalation by identifying the printer and its driver model which turned out to be vulnerable to CVE-2019-19363. We demonstrated another path to achieve root via the print nightmare exploit (CVE-2021-1675 ). This was part of Intro to printer exploitation track, Hackthebox Driver.

Get OSCP Certificate Notes

Video Walkthrough

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles