Home / exploits
Print Spooler Remote DLL Injection
Posted on 25 May 2022
The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request, resulting in remote code execution as NT AUTHORITYSYSTEM. This module uses the MS-RPRN vector which requires the Print Spooler service to be running.