【视频讲解】PicoCTF 2022 PrintNightmare CVE

作者:FancyPig | 发布时间: | 更新时间:

相关阅读

Pico CTF视频讲解往期汇总

在网络安全入门的探讨中,推荐了Pico ctf

data-postsbox="{"id":13208,"title":"2022年网络安全学习路线——如何入门、就业","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":9719,"comment_count":26,"category":"cybersecurity","is_forum_post":false}">{"id":13208,"title":"2022年网络安全学习路线——如何入门、就业","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":9719,"comment_count":26,"category":"cybersecurity","is_forum_post":false}

在上期视频中我们教大家解决ROT13 凯撒密码

data-postsbox="{"id":17582,"title":"【视频讲解】PicoCTF 2022 ROT13凯撒密码","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":2169,"comment_count":2,"category":"cybersecurity","is_forum_post":false}">{"id":17582,"title":"【视频讲解】PicoCTF 2022 ROT13凯撒密码","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":2169,"comment_count":2,"category":"cybersecurity","is_forum_post":false}

今天我们将为大家带来一道有史以来最简单的CTF题目

视频讲解

你见过最简单的CTF题目吗?本期视频我们分享的CTF题目非常简单,我们只需要找到打印噩梦(PrintNightmare)这个漏洞的CVE编号就可以了,这里给大家科普一下,CVE全称是Common Vulnerabilities and Exposures,可以被翻译为公共漏洞披露,一般在漏洞出现后会由Mitre机构分配CVE编号,当然,在我们国内也有CNNVD编号,由国家安全漏洞库进行颁发……

备用播放线路

图文讲解

相关漏洞

漏洞名称:Microsoft Windows Print Spooler Components 安全漏洞

CVE编号:CVE-2021-34527

危害等级:高危

威胁类型: 远程

漏洞介绍

Microsoft Windows Print Spooler Components是美国微软(Microsoft)公司的一个打印后台处理程序组件。

Microsoft Windows Print Spooler Components 存在安全漏洞,攻击者可以通过该漏洞绕过PfcAddPrinterDriver的安全验证,并在打印服务器中安装恶意的驱动程序。

以下产品和版本受到影响:

  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows Server 2019
  • Windows Server 2019 (Server Core installation)
  • Windows 10 Version 1909 for 32-bit Systems
  • Windows 10 Version 1909 for x64-based Systems
  • Windows 10 Version 1909 for ARM64-based Systems
  • Windows Server version 1909 (Server Core installation)
  • Windows 10 Version 21H1 for x64-based Systems
  • Windows 10 Version 21H1 for ARM64-based Systems
  • Windows 10 Version 21H1 for 32-bit Systems
  • Windows 10 Version 2004 for 32-bit Systems
  • Windows 10 Version 2004 for ARM64-based Systems
  • Windows 10 Version 2004 for x64-based Systems
  • Windows Server, version 2004 (Server Core installation)
  • Windows 10 Version 20H2 for x64-based Systems
  • Windows 10 Version 20H2 for 32-bit Systems
  • Windows 10 Version 20H2 for ARM64-based Systems
  • Windows Server, version 20H2 (Server Core Installation)
  • Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows Server 2016,Windows Server 2016 (Server Core installation)
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems
  • Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012 R2
  • Windows Server 2012 R2 (Server Core installation)

POC脚本

https://github.com/cube0x0/CVE-2021-1675

复现视频

标签:网络安全, ctf, printnightmare poc, printnightmare复现, printnightmare漏洞, printnightmare 补丁, cve漏洞库, cve是什么意思, cnnvd, cve-2021-34527 poc, cve-2021-34527复现, cve-2021-34527 验证, cve-2021-34527 漏洞复现, cve-2021-34527补丁, CVE-2021-1675复现, cve-2021-1675补丁, CVE-2021-1675 poc, CVE-2021-1675 补丁, CVE-2021-1675 exp, CVE-2021-1675补丁回退