Privilege Escalation

The get_system and system_exec commands use a common technique: they duplicate a token from a process running with SYSTEM privileges and assign that token to the current badger process. Once the token is impersonated, every command you execute runs with NT AUTHORITY\SYSTEM privileges. These two commands only work on privileged badgers.

The system_exec command, on the other hand, not only impersonates the token of a SYSTEM process but also takes a process name as an argument. It executes that process with SYSTEM privileges and then reverts its token to the default user once the process execution is complete.
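From the monitoring side, a process started the way system_exec is described above can be looked for in process-creation telemetry. The following is an added example, not part of the original documentation or the tool: it assumes Sysmon Event ID 1 records exported as JSON lines with the `User` and `ParentUser` fields, and that the spawned process shows SYSTEM as `User` while `ParentUser` is still the account the parent runs under. The sample records, account names and paths are constructed.

```python
import json

SYSTEM = "NT AUTHORITY\\SYSTEM"
# Built-in service identities that routinely parent SYSTEM processes.
SERVICE_ACCOUNTS = {SYSTEM, "NT AUTHORITY\\LOCAL SERVICE", "NT AUTHORITY\\NETWORK SERVICE"}

# Constructed sample records (not captured from a real host), one JSON object per line.
SAMPLE_EVENTS = r'''
{"EventID": 1, "Image": "C:\\Windows\\System32\\svchost.exe", "User": "NT AUTHORITY\\SYSTEM", "ParentImage": "C:\\Windows\\System32\\services.exe", "ParentUser": "NT AUTHORITY\\SYSTEM"}
{"EventID": 1, "Image": "C:\\Windows\\System32\\notepad.exe", "User": "CORP\\alice", "ParentImage": "C:\\Windows\\explorer.exe", "ParentUser": "CORP\\alice"}
{"EventID": 1, "Image": "C:\\Windows\\System32\\cmd.exe", "User": "NT AUTHORITY\\SYSTEM", "ParentImage": "C:\\Users\\alice\\AppData\\Local\\Temp\\updater.exe", "ParentUser": "CORP\\alice"}
{"EventID": 3, "Image": "C:\\Windows\\System32\\cmd.exe", "User": "NT AUTHORITY\\SYSTEM"}
{"EventID": 1, "Image": "C:\\Windows\\System32\\whoami.exe", "User": "NT AUTHORITY\\SYSTEM", "ParentImage": "C:\\Windows\\System32\\cmd.exe"}
this line is not JSON
'''

def is_user_to_system(event):
    """True for a process-creation record where the child runs as SYSTEM
    but the parent runs under an ordinary (non-service) account."""
    if event.get("EventID") != 1:
        return False
    user = str(event.get("User", "")).upper()
    parent_user = str(event.get("ParentUser", "")).upper()
    # Records without ParentUser (older Sysmon schema) cannot be judged here.
    if parent_user in ("", "-"):
        return False
    return user == SYSTEM and parent_user not in SERVICE_ACCOUNTS

def find_suspicious(lines):
    """Return (ParentUser, ParentImage, Image) for every flagged record."""
    hits = []
    for line in lines.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed export lines instead of aborting the scan
        if isinstance(event, dict) and is_user_to_system(event):
            hits.append((event["ParentUser"], event.get("ParentImage"), event.get("Image")))
    return hits

if __name__ == "__main__":
    for parent_user, parent_image, image in find_suspicious(SAMPLE_EVENTS):
        print(f"{parent_user}: {parent_image} -> {image} running as SYSTEM")
```

This is a heuristic that needs tuning against the environment's own baseline. It covers only the process launch, so token impersonation that starts no new process produces no record for it to match.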