From a3df89194198d1b94c94e010af31fe3d86105727 Mon Sep 17 00:00:00 2001
From: Victor Ramos Mello <772792+m0nad@users.noreply.github.com>
Date: Wed, 22 Dec 2021 20:07:24 +0100
Subject: [PATCH] Add PrintNightmare article by pentestlab

---
 README.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/README.md b/README.md
index 059bdcc..3146db4 100644
--- a/README.md
+++ b/README.md
@@ -172,6 +172,9 @@ is intended to be executed locally on a Linux box to enumerate basic system info
  - [Finding Passwords in SYSVOL & Exploiting Group Policy Preferences](https://adsecurity.org/?p=2288)
  - [gpp-decrypt Package Description](https://tools.kali.org/password-attacks/gpp-decrypt): A simple ruby script that will decrypt a given GPP encrypted string.
 
+### PrintNightmare
+ - [Universal Privilege Escalation and Persistence](https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/): The Print Spooler is responsible to manage and process printer jobs. It runs as a service with SYSTEM level privileges on windows environments.
+
 ### Tools
  - [JAWS - Just Another Windows (Enum) Script](https://github.com/411Hall/JAWS): JAWS is PowerShell script designed to help penetration testers (and CTFers) quickly identify potential privilege escalation vectors on Windows systems. It is written using PowerShell 2.0 so 'should' run on every Windows version since Windows 7.
  - [juicy-potato](https://github.com/ohpe/juicy-potato): A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.