CVE-2021-1675

Proof of Concepts and Initial Reports

First attempts seen at claiming a post patch exploit: https://twitter.com/RedDrip7/status/1409353110187757575

Original PoC pulled

First PoC of exploit, forked from the one pulled above: https://github.com/cube0x0/CVE-2021-1675

More efforts to show the PoC:

Microsoft may be pulling the more easily usable PoC's from github

Mitigations

MS Documentation on Print Spooler:

Possible GPO based mitigation for non-print server: https://github.com/LaresLLC/CVE-2021-1675

Possible Mitigation for Print Servers: https://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available/

Roku Shortcut Cheatsheet

  1. System Information - Things like CPU Temps, Clock Speeds etc.

    Press Home x5 > Fast Forward> Down > Rewind > Down > Fast Forward

  2. Wireless Settings - Things like signal strength, drops/retries etc. Can be used to adjust your 2.4 gHz strength to just the right level (anything better than -70 dbm seems optimal)

    Press Home x5 > Up > Down > Up > Down > Up

  3. Limit streaming bandwidth - Handy if you have datacaps and want to manage a heavy streamer etc

    Press Home x5 > Rewind x3 > Fast Forward x2

  4. Random Secret Screens - Disable scrolling ads etc.

    Press Home x5 > Fast Forward x3 > Rewind x2

    Press Home x5 > Up > Right > Down > Left > Up

  5. Developer Options - Webserver to take screenshots of rokus etc.

    Press Home x3 > Up x2 > Right > Left > Right > Left > Right

  6. Force Restart - When you are too lazy to walk up and power cycle it.

    Press Home x5 > Up > Rewind x2 > Fast Forward x2.