Description
Okay so I might be just doing something wrong, or understanding the exploit incorrectly -
I am running Windows 10 22H2.
After compiling the tool and executing the binary with administrative privileges in `-execute` mode everything works as planned, but if I use the `-hijack` mode and then execute `wmic printer list` manually (using the same admin-level user), the shell doesn't get triggered.
Moreover, when using a file overwrite vuln to get write access on `PrintConfig.dll`, I replace the original DLL with the compiled one. If I use the tool with a low-privileged user after gaining write access to the file, I get an error saying the user doesn't own the directory (which is fine, as the user only has write access on the DLL). Afterwards, I execute `wmic`, and once again, no result.
So the question is - what does the .exe binary actually do other than overwriting the DLL and running `wmic printer list`?