GodPotato
GodPotato is a privilege escalation tool for Windows systems (Windows 2012 - Windows 2022). It leverages a new DCOM research-based technique to escalate privileges to NT AUTHORITY\SYSTEM, provided the user has ImpersonatePrivilege.
Key features:
- DCOM Exploitation: Bypasses traditional Potato exploits limitations by using a novel DCOM-related method.
- Wide OS Support: Works on Windows Server 2012 up to Windows Server 2022, and Windows 8 through Windows 11.
- Low Privilege Requirement: Only needs
ImpersonatePrivilege, commonly found in WEB services and database services. - RPCSS Dependency: Exploits vulnerabilities in rpcss, a core system service, ensuring broad applicability.
Use Cases:
- Privilege escalation from WEB/database user to SYSTEM.
- Red team operations on modern Windows environments.
- Circumventing traditional privilege escalation mitigations.
