If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.
PoC: CVE-2021-36934
C# PoC for CVE-2021-36934/HiveNightmare/SeriousSAM
PoC: ShadowSteal
Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
PoC: Invoke-HiveNightmare
PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newer
PoC: CVE-2021-36934
Fix for the CVE-2021-36934
PoC: CVE-2021-36934
HiveNightmare aka SeriousSAM
PoC: SeriousSam
HiveNightmare a.k.a. SeriousSam Local Privilege Escalation in Windows – CVE-2021-36934
PoC: CVE-2021-36934
Detection and Mitigation script for CVE-2021-36934 (HiveNightmare aka. SeriousSam)
PoC: oxide_hive
Exploit for CVE-2021-36934
PoC: PyNightmare
PoC for CVE-2021-36934 Aka HiveNightmare/SeriousSAM written in python3
PoC: Why-so-Serious-SAM
PoC malware that uses exploit CVE-2021-36934 (improper ACLs on shadow copies) using a fileless red team method on Windows 10/11 with LOLBins, extracting SYSTEM and SAM hives for local NTLM hashes.
PoC: CVE-2021-36934
SeriousSAM Auto Exploiter
PoC: Invoke-HiveDreams
A capability to identify and remediate CVE-2021-36934 (HiveNightmare)
PoC: VSSCopy
Small and dirty PoC for CVE-2021-36934
PoC: poc_CVE-2021-36934
POC experiments with Volume Shadow copy Service (VSS)
PoC: CVE-2021-36934
CVE-2021-36934 HiveNightmare vulnerability checker and workaround
PoC: CVE-2021-36934
CVE-2021-36934 PowerShell scripts
PoC: CVE-2021-36934
Windows Elevation of Privilege Vulnerability (SeriousSAM)
PoC: CVE-2021-36934-HiveNightmare-Lab
Educational lab demonstrating CVE-2021-36934 (HiveNightmare) - Windows LPE via shadow copy ACL misconfiguration.
PoC: Why-so-Serious-SAM
PoC malware that uses exploit CVE-2021-36934 (improper ACLs on shadow copies) using a fileless red team method on Windows 10/11 with LOLBins, extracting SYSTEM and SAM hives for local NTLM hashes.
PoC: SeriousSam
Windows Elevation of Privilege Vulnerability CVE-2021-36934
PoC: Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM
This PowerShell script will take the mitigation measures for CVE-2021-36934 described by Microsoft and the US CERT team. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934 https://kb.cert.org/vuls/id/506989 USE AT YOUR OWN RISK -- BACKUPS MAY BREAK.
PoC: CVE-2021-36934
C# PoC for CVE-2021-36934/HiveNightmare/SeriousSAM
PoC: CVE-2021-36934
CVE-2021-36934 PowerShell Fix
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free