This was very interesting, thanks for posting it! I will say that this is a bit misleading though:
> the bug comes from the fact that the Powershell command Add-PrinterPort can be used ...
The bug is in the print spooler service and the Windows API to access to it. It just happens that PowerShell offers an easy way to access the Windows API, which makes it easy to illustrate the exploit.
> the bug comes from the fact that the Powershell command Add-PrinterPort can be used ...
The bug is in the print spooler service and the Windows API to access to it. It just happens that PowerShell offers an easy way to access the Windows API, which makes it easy to illustrate the exploit.