MultiPotato - Another Potato to get SYSTEM via SeImpersonate privileges

First of all - credit to @splintercode & @decoderit for RoguePotato as this code heavily bases on it. This is just another Potato to get SYSTEM via SeImpersonate privileges. But this one is different in terms of It doesn't contain any SYSTEM auth trigger for weaponization. Instead the code can be...

Abusing BITS: BITSInject

Windows’ BITS service is a middleman for your download jobs. You start a BITS job, and from that point on, BITS is responsible for the download. But what if we tell you that BITS is a careless middleman? We have uncovered the way BITS maintains its jobs queue using a state file on disk, and found...