A system admin's complete nightmare, users changing the registry from anywhere and everywhere without authentication.
Explore the docs »
View Demo
.
Report Bug
.
Request Feature
- About the Project
- Built With
- Getting Started
- Usage
- Roadmap
- Contributing
- License
- Authors
- Acknowledgements
An "Incorrect Use of a Privileged API" vulnerability in PrintixService.exe, in Printix's "Printix Secure Cloud Print Management", Version 1.3.1106.0 and below allows a Local Or Remote attacker the ability change all HKEY Windows Registry values as SYSTEM context via the UITasks.PersistentRegistryData parameter.
Here's why this is a big issue:
- This CVE allows anyone to connect to your corporate network and change any registry value that they please on the remote computer.
- Any user logged in (regardless of their user role) is able to target themselves, or have someone remotely systematically change all registry values on the machine.
- There is practically no way to check for the machine but a method to check if a machine has been compromised will be released soon.
Any machine that has any version of Printix installed (<= 1.3.1106.0 as of 3/1/2022) is highly vulnerable to this exploit. A patch could be released within a couple months, yet this may take even longer due to how embedded this command is inside their API, and how their entire authentication framework has to be changed.
This was discovered on 10/2/2021, and a CVE was reserved on 3/1/2022.
.NET Framework 4.8
There are two options to this project, such as compiling the solution yourself or just downloading and running the precompiled software.
You will need to install Visual Studio, or have downloaded the perquisite libraries.
-
Download the project, and open it in Visual Studio.
-
Ensure that all NuGet packages are referenced.
-
Enjoy.
This is a console based program, so all you have to do is run the program.
See the open issues for a list of proposed features (and known issues).
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.
- If you have suggestions for adding or removing projects, feel free to open an issue to discuss it, or directly create a pull request after you edit the README.md file with necessary changes.
- Please make sure you check your spelling and grammar.
- Create individual PR for each suggestion.
- Please also read through the Code Of Conduct before posting your first idea as well.
Distributed under the MIT License. See LICENSE for more information.
- Logan Latvala - Cyber security enthusiast - Logan Latvala - Founded the vulnerability & created the code.