Privilege escalation from NT Service to SYSTEM using SeImpersonateToken privilege and MS-RPRN functions. Heavily based Reflective Loader from Install Clone this repo and compile the project in VisualStudio then load dist/coercedpotato.cna into CobaltStrike. Usage You first need to spawn the RPC listener with for example then you can trigger a SYSTEM call