This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there is no way to remove the dll once it is loaded by the service. Essentially, on default settings, this module adds a permanent elevated backdoor.
042eb96d4be3493ee746dfaae2491220ba9b12278e37c6ccaaa1b2d1f175f42f
This is a proof of concept exploit that takes advantage of a privilege escalation vulnerability in the Windows Print Spooler.
10cd5282101291a6752965e7e18cbc4e13658d0643547dbb3204e8fd764b8c3a
Apache Tomcat AJP Ghostcat file read and inclusion exploit.
2cb37d2adc51e868f0ba9c5b8b8f0150f2aacbb92a005b9a560ea332c4143aab