[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-1407":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":13,"stars90d":16,"forks30d":16,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":26,"readmeContent":27,"aiSummary":28,"trendingCount":16,"starSnapshotCount":16,"syncStatus":15,"lastSyncTime":29,"discoverSource":30},1407,"GodPotatoBOF","incursi0n\u002FGodPotatoBOF","incursi0n","Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by BeichenDream.","",null,"C",260,32,1,2,0,4,20,12,4.56,"MIT License",false,"main",true,[],"2026-06-12 02:00:27","# GodPotatoBOF\n\nA Beacon Object File port of [GodPotato](https:\u002F\u002Fgithub.com\u002FBeichenDream\u002FGodPotato) for Cobalt Strike.\n\nThis BOF triggers the GodPotato privilege escalation flow and supports two behaviors:\n\n- default mode: steal a SYSTEM token and spawn a process to run a command\n- `token` mode: steal a SYSTEM token and apply it to the current Beacon with `BeaconUseToken()`\n\n## To start\n\n1. Git clone the repo\n2. Run `make`\n\n## Usage\n\n1. Import `godpotato.cna` into Cobalt Strike\n2. Execute the BOF with the CNA alias\n\n```text\ngodpotato [token] [-cmd \u003Ccommand>] [-pipe \u003Cname>]\n```\n\nArgument summary:\n\n```text\n(none)             Run \"cmd \u002Fc whoami\" as SYSTEM.\ntoken              Apply a SYSTEM token to the current Beacon with BeaconUseToken().\n-cmd \u003Ccmd>         Run a command as SYSTEM in a spawned process.\n-pipe \u003Cname>       Use a custom named pipe. Default is a random pipe name.\nhelp,-h,--help,\u002F?  Show this help.\n```\n\nExamples:\n\n```text\ngodpotato\ngodpotato token\ngodpotato help\ngodpotato -cmd \"cmd \u002Fc whoami \u002Fpriv\"\ngodpotato -cmd \"cmd \u002Fc whoami\" -pipe \"mycustompipe\"\n```\n\nCredits:\n\n- https:\u002F\u002Fgithub.com\u002FBeichenDream\u002FGodPotato\n- https:\u002F\u002Fgithub.com\u002FMEhrn00\u002Fboflink\n- https:\u002F\u002Fgithub.com\u002Ftrustedsec\u002FCS-Situational-Awareness-BOF\u002Ftree\u002Fmaster\u002Fsrc\u002Fbase_template\n- https:\u002F\u002Fgithub.com\u002FCodeXTF2\u002Fbof_template\n","GodPotatoBOF 是一个用于Cobalt Strike的Beacon Object File，通过利用SeImpersonate权限实现提权。该项目基于BeichenDream的原始GodPotato PoC开发，主要功能包括以默认模式窃取SYSTEM令牌并启动进程执行命令，或在`token`模式下将SYSTEM令牌应用于当前Beacon。采用C语言编写，适用于需要进行渗透测试和红队演练时提升权限的场景。MIT许可证授权。","2026-06-11 02:43:33","CREATED_QUERY"]