GodPotato

GodPotato

GodPotato is a privilege escalation tool for Windows systems (Windows 2012 - Windows 2022). It leverages a new DCOM research-based technique to escalate privileges to NT AUTHORITY\SYSTEM, provided the user has ImpersonatePrivilege.

Key features:

• DCOM Exploitation: Bypasses traditional Potato exploits limitations by using a novel DCOM-related method.
• Wide OS Support: Works on Windows Server 2012 up to Windows Server 2022, and Windows 8 through Windows 11.
• Low Privilege Requirement: Only needs ImpersonatePrivilege, commonly found in WEB services and database services.
• RPCSS Dependency: Exploits vulnerabilities in rpcss, a core system service, ensuring broad applicability.

Use Cases:

• Privilege escalation from WEB/database user to SYSTEM.
• Red team operations on modern Windows environments.
• Circumventing traditional privilege escalation mitigations.