SeImpersonatePrivilege

SeImpersonatePrivilege allows us to impersonate any token for which we can get a reference, or handle.

The following is based on printerbug / sharpspooltrigger but for local elevation.

PrintSpoofer automates this process / exploit

PrintSpoofer.exe -i -c cmd

Tools

• https://github.com/itm4n/PrintSpoofer